b918fe0ff42e9dd2712455bc3176dec16a6c79c8578128e5a034af2f9a44df77

General

Target

b918fe0ff42e9dd2712455bc3176dec16a6c79c8578128e5a034af2f9a44df77
Size

312KB
MD5

a1b4973eee65c725d39f11fd85f3bbb0
SHA1

22ea2a119b42ef0eff3e88fef6547a6e6b51d0aa
SHA256

b918fe0ff42e9dd2712455bc3176dec16a6c79c8578128e5a034af2f9a44df77
SHA512

e92ea579375963dd358d836fba7a6d9ebaa7bd529da2ec19a9782857ed3f31ed5eaad7a5e880f6d3197fea9821d93d1573acc098e8c62e7124b22dad29d349f7
SSDEEP

3072:ed82iznkhcs/aIK4gFVYHrvwWFy1pBQ1Wq80pKZIU//Zbfhn2661HFH7x+2DaJ3r:KRhcOo8Iu+oW7oFO8H+BGid8pbrA1jg

Score

N/A

Malware Config

Signatures

Files

b918fe0ff42e9dd2712455bc3176dec16a6c79c8578128e5a034af2f9a44df77
.exe windows x86

be8f0ef1c0693174438c7f9df4d21fac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
lstrlenA
GetVolumePathNameA
CreateEventW
GetDriveTypeA
HeapFree
GetStringTypeW
ResumeThread
VirtualProtect
DeleteFileA
LoadLibraryW
SetLastError
GetCurrentThread
GetStartupInfoA
FindAtomW
GetProcessVersion
SuspendThread
CreateEventW
GetPrivateProfileSectionA
CreateEventW
TlsGetValue

clbcatq

ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
SetupOpen
SetupOpen
CheckMemoryGates
SetupOpen
DllGetClassObject
ComPlusMigrate
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
CheckMemoryGates

gpedit

ExportRSoPData
BrowseForGPO
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be8f0ef1c0693174438c7f9df4d21fac

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 768B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 352B

.rsrc Size: 305KB - Virtual size: 305KB

.orpc Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 768B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 352B

.rsrc
Size: 305KB - Virtual size: 305KB

.orpc
Size: 512B - Virtual size: 4KB