12ea74efe22b029a89805b161945ce4439299e8bf427f3c9a0eda31d534244be

General

Target

12ea74efe22b029a89805b161945ce4439299e8bf427f3c9a0eda31d534244be
Size

81KB
MD5

9356c46e14851db5664fa8be06e6acd0
SHA1

11aee48e43c987294e3b14cd66c380ff7009ae69
SHA256

12ea74efe22b029a89805b161945ce4439299e8bf427f3c9a0eda31d534244be
SHA512

79d303abc332e40872f81b71f7b36ad6feb53ab6a6079e51ea33cf0bb8784b544f50d6e5b45f66b6ab3261fb3b06551978e6dc75d4c156d21931e70aa3f67a78
SSDEEP

1536:jdJbEXo9FlUowD9THv34MyDCQ8ijjyae8dB9SaHCz1ms+Dkj:xhmo9FlD8RI7pyaeaB9VC4Dk

Score

N/A

Malware Config

Signatures

Files

12ea74efe22b029a89805b161945ce4439299e8bf427f3c9a0eda31d534244be
.exe windows x86

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
lstrlenW
GetFileAttributesA
GetFileAttributesW
GetExitCodeProcess
GetACP
lstrcpyW
GetCurrentProcess
SetHandleCount
GetConsoleMode
GetStdHandle
GetCommandLineW
EnterCriticalSection
ExitProcess
GetFileSize
LockResource
ResumeThread
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetProcAddress
VirtualProtect
CreateFileA

ole32

CoMarshalInterface
StgIsStorageFile
CLSIDFromString
MkParseDisplayName
PropVariantCopy
CoUnmarshalInterface
OleRegEnumFormatEtc
StgCreateDocfileOnILockBytes
CreateOleAdviseHolder
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CreateDataAdviseHolder
CreateBindCtx
CoImpersonateClient

version

GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileW
VerQueryValueW

ntdll

RtlRunEncodeUnicodeString
RtlInitializeCriticalSection
NtConnectPort
NlsMbOemCodePageTag
_wcslwr
RtlQueryEnvironmentVariable_U
RtlCreateUnicodeStringFromAsciiz
NtOpenProcess
RtlInitializeCriticalSectionAndSpinCount
RtlGetDaclSecurityDescriptor
NtSetInformationThread
NtUnmapViewOfSection
NtFsControlFile
RtlUnicodeToMultiByteN
NtQueryDirectoryFile
NtEnumerateValueKey
RtlDestroyEnvironment
RtlFreeUnicodeString
RtlAcquireResourceShared

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

Imports

kernel32

ole32

version

ntdll

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 56KB - Virtual size: 117KB

.idata Size: 8KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 56KB - Virtual size: 117KB

.idata
Size: 8KB - Virtual size: 8KB