4a88b68111ff41504b94549488c304db03a24eca321af036f6ec407d0490838a

General

Target

4a88b68111ff41504b94549488c304db03a24eca321af036f6ec407d0490838a
Size

127KB
MD5

84cbb659595d25b58387875268827298
SHA1

f774679f593fc6422eae66188533a6735eeb9847
SHA256

4a88b68111ff41504b94549488c304db03a24eca321af036f6ec407d0490838a
SHA512

39ee396deb40c1aec84d035ac3c13f09f6dee3c89d70d6b1edaaaf6745b207b3750231594da074680f86b1704a6e6974e61db7038958d8717e1673c659b5152a
SSDEEP

3072:gzh5Lu4ow+fqeKD56tfTkg4vUPujqppstZxG0XncZVdiN:eU+TeKDEFAg4vUPh4k0XnGVdiN

Score

N/A

Malware Config

Signatures

Files

4a88b68111ff41504b94549488c304db03a24eca321af036f6ec407d0490838a
.exe windows x86

e2424924714e88fe712f867af414de8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadConsoleA
lstrlenA
FindAtomW
VirtualProtect
GetLastError
GetLogicalDrives
LoadLibraryW
Sleep
PulseEvent
ReadConsoleA
CloseHandle
ReleaseMutex
TlsGetValue
ReadConsoleA
GetStringTypeW
GetStartupInfoA
GetVolumePathNameW
GetDriveTypeA
GetPrivateProfileSectionA
HeapFree
DeleteFileW

clbcatq

CheckMemoryGates
SetupOpen
SetupOpen
SetupOpen
ComPlusMigrate
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
DllGetClassObject

gpedit

BrowseForGPO
DllCanUnloadNow
ExportRSoPData
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2424924714e88fe712f867af414de8d

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 1024B

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 320B

.rsrc Size: 120KB - Virtual size: 120KB

.orpc Size: 512B - Virtual size: 289B

.import Size: 512B - Virtual size: 38B

.text
Size: 1024B - Virtual size: 1024B

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 320B

.rsrc
Size: 120KB - Virtual size: 120KB

.orpc
Size: 512B - Virtual size: 289B

.import
Size: 512B - Virtual size: 38B