d5fa4b1723e9f66e627da2ad46e74e4c4eeba0783cbc917d6ef79ebe91462ac4

General

Target

d5fa4b1723e9f66e627da2ad46e74e4c4eeba0783cbc917d6ef79ebe91462ac4
Size

312KB
MD5

809ac69a3e964b97e8bc26f3007213b0
SHA1

e26be135256df75c4141b5e6a088884309405340
SHA256

d5fa4b1723e9f66e627da2ad46e74e4c4eeba0783cbc917d6ef79ebe91462ac4
SHA512

b117fd0d0b81b73fe9cad5531686d465871c7cc55e3b67d36a76cdb9a4ff862d6aec563f42adf52d9c22cee91c0c76752bfa0fff17af9efc86e7082ac0bd5c9d
SSDEEP

6144:YhaxRhcIOpQ5l3Yg+qxWLTZPu3ZVDUX0Fpq0hCaYxv2i3n/jeYQ9WnziGg:YMhcItnYgbaZwVG0fq0jYt/jeDQjg

Score

N/A

Malware Config

Signatures

Files

d5fa4b1723e9f66e627da2ad46e74e4c4eeba0783cbc917d6ef79ebe91462ac4
.exe windows x86

f8aa8a336e51e82413908daca8369457

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVolumePathNameA
lstrlenA
CreateEventW
ResumeThread
CreateEventW
GetDriveTypeA
SetLastError
GetCurrentThread
GetProcessHeap
HeapFree
LoadLibraryW
TlsGetValue
GetPrivateProfileSectionA
VirtualProtect
DeleteFileA
CreateEventW
GetStringTypeW
FindAtomW
GetStartupInfoA
GetProcessVersion
SuspendThread

clbcatq

CheckMemoryGates
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
SetupOpen
SetupOpen
DllGetClassObject
CheckMemoryGates
SetupOpen
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
ComPlusMigrate

gpedit

ExportRSoPData
BrowseForGPO
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8aa8a336e51e82413908daca8369457

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 768B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 352B

.rsrc Size: 305KB - Virtual size: 305KB

.orpc Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 768B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 352B

.rsrc
Size: 305KB - Virtual size: 305KB

.orpc
Size: 512B - Virtual size: 4KB