e6bacb2d01164084cb27801e7c34c41f038d8564cb79014030d66ff7ad71d577

General

Target

e6bacb2d01164084cb27801e7c34c41f038d8564cb79014030d66ff7ad71d577
Size

311KB
MD5

90a39a12c3a8c54801282092eef2c3e0
SHA1

a99f11354cc448f5c986f2c7edf41d2382161fac
SHA256

e6bacb2d01164084cb27801e7c34c41f038d8564cb79014030d66ff7ad71d577
SHA512

376c8e0c2869f7b886e214701a17c7880d02d9c7307300676f48b8880c48ef82c91fe8075072603d496cdb990a3019319f6bc47cce24fc6a1969d993efe7c9f7
SSDEEP

6144:vBARhcTOszrG8Qvqku8Hupkb4rTD+jPqDcPySn3wag:vUhcT7Czqpkb4CjP0Sn3Lg

Score

N/A

Malware Config

Signatures

Files

e6bacb2d01164084cb27801e7c34c41f038d8564cb79014030d66ff7ad71d577
.exe windows x86

220c4e36d9dce4c857e3d0deb63e5e92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
SetLastError
SuspendThread
HeapFree
GetDriveTypeA
GetStartupInfoA
GetStringTypeW
CreateEventW
LoadLibraryW
GetProcessVersion
GetProcessHeap
DeleteFileA
VirtualProtect
GetPrivateProfileSectionA
CreateEventW
FindAtomW
ResumeThread
GetVolumePathNameA
CreateEventW
GetCurrentThread
TlsGetValue

clbcatq

DllGetClassObject
ComPlusMigrate
CheckMemoryGates
SetupOpen
SetupOpen
SetupOpen
ComPlusMigrate
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
CheckMemoryGates
CheckMemoryGates
CheckMemoryGates

gpedit

DllCanUnloadNow
ExportRSoPData
BrowseForGPO
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

220c4e36d9dce4c857e3d0deb63e5e92

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 960B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 352B

.rsrc Size: 305KB - Virtual size: 305KB

.orpc Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 960B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 352B

.rsrc
Size: 305KB - Virtual size: 305KB

.orpc
Size: 512B - Virtual size: 4KB