8b9064a29995705177b7a1a6b7791ea5cf0f3ef11ad3413553599fba669e92f2

Sharing

Copy URL Twitter E-mail

General

Target

8b9064a29995705177b7a1a6b7791ea5cf0f3ef11ad3413553599fba669e92f2
Size

811KB
MD5

02e6e03fed46a6ab60822cc5ac220d6f
SHA1

f28a0d668d44b22a114e0f94b2655fd1d005d26b
SHA256

8b9064a29995705177b7a1a6b7791ea5cf0f3ef11ad3413553599fba669e92f2
SHA512

166ec0349a1d01383ebeacf62e81c510a047a2c8f1ea84e9e4120d665bf3357d89f04f18d62f8d0580778550de718a7c808a65e3826b2a23fc73a3f0ae951030
SSDEEP

12288:2LrqlIFk70uhSBm1FJi4eldow8iGEkRqWE20txDSVzONlpwTfSpKmchj:K/FkwuhSivRiGOWE5togRptS

Score

N/A

Malware Config

Signatures

Files

8b9064a29995705177b7a1a6b7791ea5cf0f3ef11ad3413553599fba669e92f2
.exe windows x86

634264d9fa87182266d294cbaa7af35f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscms

GetPS2ColorRenderingDictionary
InstallColorProfileW
GetPS2ColorRenderingIntent
RegisterCMMA
DisassociateColorProfileFromDeviceW
GetNamedProfileInfo
SelectCMM
GetPS2ColorSpaceArray
SetColorProfileHeader
CreateMultiProfileTransform
InternalSetDeviceConfig
DeleteColorTransform
GetStandardColorSpaceProfileW
GetColorProfileFromHandle
GetCountColorProfileElements
GetColorProfileElement
CreateColorTransformW
GetCMMInfo
CloseColorProfile
SetColorProfileElement
UnregisterCMMA
DisassociateColorProfileFromDeviceA
InstallColorProfileA
InternalGetDeviceConfig
TranslateBitmapBits
CreateProfileFromLogColorSpaceW
CreateProfileFromLogColorSpaceA
TranslateColors

kernel32

FreeUserPhysicalPages
_lcreat
LoadModule
LZCopy
EnumUILanguagesA
ReadConsoleW
Beep
GetConsoleAliasA
ShowConsoleCursor
GlobalAlloc
GetConsoleAliasExesW
GetTimeFormatA
GetTapeStatus
IsDBCSLeadByteEx
DelayLoadFailureHook
GetFileAttributesA
ResetWriteWatch
GetFileAttributesExA
lstrcpyn
LoadLibraryA
GetModuleHandleExW
GlobalDeleteAtom
VirtualAlloc
Module32NextW
ReadConsoleA
GetStartupInfoA
CancelDeviceWakeupRequest
FindNextFileW
WriteConsoleInputA
SetConsoleTextAttribute
GetModuleHandleW
GetProcAddress
CompareFileTime
BaseDumpAppcompatCache
OpenSemaphoreA
CreateDirectoryExA
WriteConsoleInputVDMA

colbact

PartitionAccessCheck
GetClassInfoForCurrentUser
GetDefaultPartitionForSid
GetDefaultPartitionForCurrentUser

user32

MonitorFromRect
SetKeyboardState
InvertRect
EnumDesktopsA
RegisterServicesProcess
EnumDisplaySettingsW
GetInputDesktop
DdeImpersonateClient
DefMDIChildProcW
EnumWindowStationsA
DefWindowProcW
MessageBoxTimeoutA
GetScrollPos
SwitchToThisWindow
DdeCreateStringHandleA
DdeQueryStringA
GetComboBoxInfo
GetInputState
SendMessageA
GetWindowDC
SetLayeredWindowAttributes
DrawCaptionTempA
InternalGetWindowText
OpenWindowStationA
LookupIconIdFromDirectory
GetGUIThreadInfo
DdeEnableCallback
GetClipboardFormatNameW
WinHelpA
SetDlgItemTextA

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

634264d9fa87182266d294cbaa7af35f

Headers

DLL Characteristics

File Characteristics

Imports

mscms

kernel32

colbact

user32

Sections

.text Size: 394KB - Virtual size: 394KB

.rdata Size: 134KB - Virtual size: 134KB

.data Size: 192KB - Virtual size: 1.5MB

.rsrc Size: 87KB - Virtual size: 87KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 394KB - Virtual size: 394KB

.rdata
Size: 134KB - Virtual size: 134KB

.data
Size: 192KB - Virtual size: 1.5MB

.rsrc
Size: 87KB - Virtual size: 87KB

.reloc
Size: 1KB - Virtual size: 1KB