50ab122d1641ee4cbf30cc3c25374246cc0e3a78ee7432cfb81cb54fc2c9dd11

General

Target

50ab122d1641ee4cbf30cc3c25374246cc0e3a78ee7432cfb81cb54fc2c9dd11
Size

408KB
MD5

66a409c7fc47a84f1511e78af0113730
SHA1

60e44e768eeb631418862df12a027890cf046b51
SHA256

50ab122d1641ee4cbf30cc3c25374246cc0e3a78ee7432cfb81cb54fc2c9dd11
SHA512

8554931980abecb8b3992a792630e33622ad8ec9a7cc66ae9a2ad4e477636e7db8edde3386cea226bd177e20258927a10ebdac0b33ea8985f2a05e7e30070ed8
SSDEEP

12288:df/dqfBlvVwfiwKQOQ2QreZ82Bt+HvsVW1FFGpg:1/dqfLVXswkcsHOWP8p

Score

N/A

Malware Config

Signatures

Files

50ab122d1641ee4cbf30cc3c25374246cc0e3a78ee7432cfb81cb54fc2c9dd11
.exe windows x86

85d49a1ccf2651c9747f17960caf6efb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapFree
CreateEventW
TlsGetValue
GetProcessVersion
CreateEventW
SuspendThread
GetVolumePathNameA
GetStringTypeW
LoadLibraryW
FindAtomW
GetCurrentThread
VirtualProtect
ResumeThread
SetLastError
CreateEventW
lstrlenA
DeleteFileA
GetPrivateProfileSectionA
GetDriveTypeA
GetProcessHeap
GetStartupInfoA

clbcatq

DllGetClassObject
CheckMemoryGates
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
SetupOpen
ComPlusMigrate
SetupOpen
SetupOpen
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates

gpedit

DllCanUnloadNow
DllGetClassObject
ExportRSoPData
BrowseForGPO

Sections

.text
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 472KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85d49a1ccf2651c9747f17960caf6efb

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 616B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 472KB

.rsrc Size: 401KB - Virtual size: 401KB

.orpc Size: 512B - Virtual size: 4KB

.import Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 616B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 472KB

.rsrc
Size: 401KB - Virtual size: 401KB

.orpc
Size: 512B - Virtual size: 4KB

.import
Size: 512B - Virtual size: 4KB