41994474bbda8b510d635ad9765168dc132cd76cfd50859f0a4c2306c8149d62

General

Target

41994474bbda8b510d635ad9765168dc132cd76cfd50859f0a4c2306c8149d62
Size

115KB
MD5

0aa018f0c07f231f0c8182050ff82740
SHA1

c65b9051b24a72f519ea93924bc54bd8329c888b
SHA256

41994474bbda8b510d635ad9765168dc132cd76cfd50859f0a4c2306c8149d62
SHA512

66596af04a329b9d64e6d23cf85b98284301efbe06a0952e2c7929e741849e875b47a0c206af2c0e1d387fb86cb975cc9c0046b28dc70e31bb9ed37b67f5b502
SSDEEP

3072:LJbsrOkH8GcUupBH8bEaHKtC8ltd1KzjX:LHUu7cwaHKtzlJKH

Score

N/A

Malware Config

Signatures

Files

41994474bbda8b510d635ad9765168dc132cd76cfd50859f0a4c2306c8149d62
.exe windows x86

8d815a8c6fe93d117106f2f69fca66a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileTime
ReleaseMutex
GetModuleHandleA
GetStartupInfoA
GetFileAttributesA
CloseHandle
WriteConsoleW
WriteConsoleW
GetCurrentDirectoryA
FormatMessageA
GetLastError
WriteConsoleW
lstrlenW
HeapCreate
GetFileSize
IsValidLocale
IsBadStringPtrA
SetPriorityClass
lstrcpyW
ReadFile
FindResourceA

msftedit

RichEditWndProc
SetCustomTextOutHandlerEx
RichListBoxWndProc
RichComboBoxWndProc

clbcatq

CheckMemoryGates
SetSetupSave
SetupOpen
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
SetSetupSave
ComPlusMigrate
SetupOpen
SetupOpen
DllGetClassObject

dsprop

CheckADsError

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 263B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qedit
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d815a8c6fe93d117106f2f69fca66a1

Headers

File Characteristics

Imports

kernel32

msftedit

clbcatq

dsprop

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 104KB - Virtual size: 103KB

.adata Size: 1024B - Virtual size: 263B

.qedit Size: 512B - Virtual size: 240B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 104KB - Virtual size: 103KB

.adata
Size: 1024B - Virtual size: 263B

.qedit
Size: 512B - Virtual size: 240B