879e3ff2b70ff75727b38b36a8dec7b0b76e38bee5918053e496403e106d1414

General

Target

879e3ff2b70ff75727b38b36a8dec7b0b76e38bee5918053e496403e106d1414
Size

777KB
MD5

a00311d2ba05c5a911f0faa8e6874540
SHA1

6246459942681b5d5ea22bc95299fa882878418c
SHA256

879e3ff2b70ff75727b38b36a8dec7b0b76e38bee5918053e496403e106d1414
SHA512

dce4fe5eac3020c0d24ec827b2e04ee45ffb41bbbe9ae956e17afde97c28549fa0451b3ee7b9c606224146fd904bb034d18ba726e545fe7c13cc49575cbc46ab
SSDEEP

24576:N4DHUFyAkfNfW4JCWKPLrS/uj0TYW2RGlvQ:N4DCBs+4WS/uj012RG1Q

Score

N/A

Malware Config

Signatures

Files

879e3ff2b70ff75727b38b36a8dec7b0b76e38bee5918053e496403e106d1414
.exe windows x86

cb8c7496b308a9582238bd17521d1d84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileSize
lstrcpyA
GetStartupInfoA
HeapCreate
IsBadStringPtrA
GetCurrentDirectoryW
WriteConsoleW
CloseHandle
FormatMessageA
GetLastError
WriteConsoleW
SetFileAttributesA
GetModuleHandleA
lstrcpyW
ReadFile
GetFileTime
IsValidLocale
CreateMutexA
WriteConsoleW
FindResourceA
ReleaseMutex

msi

MsiCloseHandle
MsiCloseAllHandles
MsiCreateRecord
MsiAdvertiseProductA

clbcatq

SetSetupSave
CheckMemoryGates
SetupOpen
DllGetClassObject
CheckMemoryGates
SetupOpen
DllGetClassObject
CheckMemoryGates
SetSetupSave
SetupOpen
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qedit
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb8c7496b308a9582238bd17521d1d84

Headers

File Characteristics

Imports

kernel32

msi

clbcatq

ntshrui

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 766KB - Virtual size: 2.1MB

.adata Size: 1024B - Virtual size: 263B

.qedit Size: 512B - Virtual size: 240B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 766KB - Virtual size: 2.1MB

.adata
Size: 1024B - Virtual size: 263B

.qedit
Size: 512B - Virtual size: 240B