2a3e4ec9f4eca252f8a91fdfeaad3492391fd78466cba635263bef0cca54c417

General

Target

2a3e4ec9f4eca252f8a91fdfeaad3492391fd78466cba635263bef0cca54c417
Size

312KB
MD5

0bb0d0a058e0899b1766085617ae7f6d
SHA1

70f390e319e7c6feb6905ee7c7f5bbea383d87bd
SHA256

2a3e4ec9f4eca252f8a91fdfeaad3492391fd78466cba635263bef0cca54c417
SHA512

951a5a5a86ab88f39dc4089483bc93f938c637b0fd5f10a40e1587546dcaedce8921d020096d42ac0136297c435e1594dcebfc25b56a2beea9e69b0c2da9b0c0
SSDEEP

6144:JRhcAGRX1dE/bAK0zTT2p2Xl7o7nqeMsbwuBDRXYkK:fhcAGDW/b2zTag4b3DRIkK

Score

N/A

Malware Config

Signatures

Files

2a3e4ec9f4eca252f8a91fdfeaad3492391fd78466cba635263bef0cca54c417
.exe windows x86

d034b1c3e4685202b5abce4662959ef5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLogicalDrives
lstrlenA
VirtualProtect
HeapFree
DeleteFileW
GetPrivateProfileSectionA
ReadConsoleA
GetStartupInfoA
CloseHandle
Sleep
GetStringTypeW
ReadConsoleA
PulseEvent
FindAtomW
GetLastError
GetVolumePathNameW
LoadLibraryW
GetDriveTypeA
TlsGetValue
ReleaseMutex
ReadConsoleA

clbcatq

CheckMemoryGates
SetupOpen
SetupOpen
CheckMemoryGates
DllGetClassObject
DllGetClassObject
SetupOpen
ComPlusMigrate
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
ComPlusMigrate

gpedit

ExportRSoPData
DllGetClassObject
BrowseForGPO
DllCanUnloadNow

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d034b1c3e4685202b5abce4662959ef5

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 1024B

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 320B

.rsrc Size: 305KB - Virtual size: 305KB

.orpc Size: 512B - Virtual size: 289B

.import Size: 512B - Virtual size: 38B

.text
Size: 1024B - Virtual size: 1024B

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 320B

.rsrc
Size: 305KB - Virtual size: 305KB

.orpc
Size: 512B - Virtual size: 289B

.import
Size: 512B - Virtual size: 38B