b9298c9e8539158ea5efd814c9fd559995fae4819f8571a014ba052089c7854f

General

Target

b9298c9e8539158ea5efd814c9fd559995fae4819f8571a014ba052089c7854f
Size

312KB
MD5

a2ad93ff121b6e93d7a445315e833bf0
SHA1

3e4e9a3627bc2daf8315364fcb89e2891b8decb0
SHA256

b9298c9e8539158ea5efd814c9fd559995fae4819f8571a014ba052089c7854f
SHA512

530a987f2b783da2ffc9d7416cb0f12d7cef74a2f81193bc108af77427ca18c3dbbf33df7e4c190873d52f684c47e812ec4179917718fa71b94c7e114964747c
SSDEEP

6144:uo1gnRhcz5MhqpaRKELdArwqT/YZe7oTfunlT5jc8eCwfALJEjP6bg:uK2hc6hqpaRKELOVTwZekSnh5xeCEALC

Score

N/A

Malware Config

Signatures

Files

b9298c9e8539158ea5efd814c9fd559995fae4819f8571a014ba052089c7854f
.exe windows x86

e49f4c9397374c766daa17861e9b7c90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindAtomW
CreateEventW
TlsGetValue
CreateEventW
HeapFree
VirtualProtect
GetPrivateProfileSectionA
GetVolumePathNameA
ResumeThread
CreateEventW
GetProcessHeap
GetCurrentThread
lstrlenA
GetProcessVersion
SuspendThread
GetStartupInfoA
SetLastError
GetStringTypeW
GetDriveTypeA
DeleteFileA
LoadLibraryW

clbcatq

DllGetClassObject
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
CheckMemoryGates
CheckMemoryGates
SetupOpen
SetupOpen
CheckMemoryGates
SetupOpen
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

gpedit

DllCanUnloadNow
ExportRSoPData
BrowseForGPO
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e49f4c9397374c766daa17861e9b7c90

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 768B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 352B

.rsrc Size: 305KB - Virtual size: 305KB

.orpc Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 768B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 352B

.rsrc
Size: 305KB - Virtual size: 305KB

.orpc
Size: 512B - Virtual size: 4KB