2f7a36082c8a80d5dd30b87900047c91a7be6f6036a0e6e3d0c63739b06a3e8f

Sharing

Copy URL Twitter E-mail

General

Target

2f7a36082c8a80d5dd30b87900047c91a7be6f6036a0e6e3d0c63739b06a3e8f
Size

795KB
MD5

78bc14b0e51dfd478f4ebbf63667e4de
SHA1

acf55730dc044786483cbf97744083eb46a3b00c
SHA256

2f7a36082c8a80d5dd30b87900047c91a7be6f6036a0e6e3d0c63739b06a3e8f
SHA512

c2988a3473817535d64c54bb5d8d14801865ce7119c19034b501f5d412e21f15a6a5d89d3c1c1419c3a66a8f519f6c55e0c4300350e8df8fb9ebd682a7c24700
SSDEEP

24576:l5nHiUVTrPO/xTaJOaYehvFkX9axU7wu8:jCURT/QYFkX9ax

Score

N/A

Malware Config

Signatures

Files

2f7a36082c8a80d5dd30b87900047c91a7be6f6036a0e6e3d0c63739b06a3e8f
.exe windows x86

b9ea7969dfeafab96903a59f2e7419fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

CLSIDFromStringByBitness
CreateComponentLibraryEx
CoRegCleanup
OpenComponentLibraryOnStreamEx
GetCatalogObject2
DowngradeAPL
SetSetupOpen
ActivatorUpdateForIsRouterChanges
DeleteAllActivatorsForClsid
GetCatalogObject
CheckMemoryGates
SetupOpen
ServerGetApplicationType
InprocServer32FromString
SetSetupSave
OpenComponentLibraryEx
SetupSave
UpdateFromAppChange
UpdateFromComponentChange
OpenComponentLibraryOnMemEx
GetSimpleTableDispenser
GetComputerObject
ComPlusMigrate

user32

DialogBoxParamA
GetCursorFrameInfo
GetDlgCtrlID
UnregisterClassA
GetMessageW
CharLowerBuffA
GetScrollRange
GetWindowTextLengthA
GetCursorInfo
RegisterTasklist
GetKeyboardLayout
ReplyMessage
User32InitializeImmEntryTable
GetMonitorInfoW
MonitorFromPoint
DrawFrame
CreateDesktopW
IsWindowUnicode

kernel32

InitializeCriticalSection
RtlMoveMemory
WriteTapemark
FindAtomA
IsSystemResumeAutomatic
ResumeThread
DuplicateHandle
EnumTimeFormatsW
IsDebuggerPresent
SwitchToFiber
SetConsoleMenuClose
GetTimeFormatW
IsValidLocale
GetLogicalDriveStringsW
GetShortPathNameW
QueryPerformanceCounter
GetNumaAvailableMemoryNode
WritePrivateProfileStringA
FindFirstFileExA
GetFileAttributesExA
VirtualAlloc
SetProcessAffinityMask
EnumResourceLanguagesW
OpenEventW
CreateHardLinkW
VirtualFreeEx
ReplaceFileW
ActivateActCtx
ConvertThreadToFiber
GetEnvironmentStringsW
EnumCalendarInfoA
SetLocalPrimaryComputerNameW
ExitProcess
SetThreadLocale
GetNextVDMCommand
SetMessageWaitingIndicator
OutputDebugStringA
RegisterConsoleVDM
FindFirstVolumeMountPointW
Module32Next
CancelWaitableTimer
lstrcpyA
GetBinaryTypeA
VerifyVersionInfoA
GetThreadTimes
SetVolumeLabelA
GetSystemTimeAsFileTime
TzSpecificLocalTimeToSystemTime
SetLastError
GetEnvironmentVariableA
GetVolumeNameForVolumeMountPointW
lstrlenA
LoadLibraryA
GetVolumeInformationW

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9ea7969dfeafab96903a59f2e7419fd

Headers

DLL Characteristics

File Characteristics

Imports

clbcatq

user32

kernel32

Sections

.text Size: 215KB - Virtual size: 215KB

.rdata Size: 266KB - Virtual size: 266KB

.data Size: 309KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 215KB - Virtual size: 215KB

.rdata
Size: 266KB - Virtual size: 266KB

.data
Size: 309KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB