fce2b3b298f9def61c2452e7a8eb8e376fbd15f580007e672b11bd588e5ed48c

General

Target

fce2b3b298f9def61c2452e7a8eb8e376fbd15f580007e672b11bd588e5ed48c
Size

802KB
MD5

0546b65ac5edd4191c48ceec59324f33
SHA1

0568b1929a2ff93631ab563e699cbdd2d3d457da
SHA256

fce2b3b298f9def61c2452e7a8eb8e376fbd15f580007e672b11bd588e5ed48c
SHA512

c3388bbb0458e16c97f1f3be006dfdae482ff77e7dc8a89a5dda42dd788fbfeabeaf149f7ff1bb0fcd1bbe2d4b9b01aed3f913bcc2435c87e233de97a762946e
SSDEEP

24576:vecfR2doKNJqRzQFw7Ipsf08uw1RjFA6SLg:GcfRagamfHumRJAv

Score

N/A

Malware Config

Signatures

Files

fce2b3b298f9def61c2452e7a8eb8e376fbd15f580007e672b11bd588e5ed48c
.exe windows x86

b12ea08ec010b06fe3f3ee37da6f3c39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionA
FindAtomW
SetLastError
ResumeThread
TlsGetValue
CreateEventW
DeleteFileA
GetCurrentThread
GetStringTypeW
VirtualProtect
GetProcessVersion
CreateEventW
GetStartupInfoA
GetProcessHeap
GetDriveTypeA
GetVolumePathNameA
CreateEventW
LoadLibraryW
SuspendThread
lstrlenA
HeapFree

clbcatq

DllGetClassObject
CheckMemoryGates
CheckMemoryGates
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
SetupOpen
ComPlusMigrate
ComPlusMigrate
SetupOpen
DllGetClassObject
CheckMemoryGates
SetupOpen

gpedit

BrowseForGPO
DllGetClassObject
ExportRSoPData
DllCanUnloadNow

Sections

.text
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b12ea08ec010b06fe3f3ee37da6f3c39

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 616B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 795KB - Virtual size: 795KB

.orpc Size: 512B - Virtual size: 289B

.import Size: 512B - Virtual size: 193B

.text
Size: 1024B - Virtual size: 616B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 795KB - Virtual size: 795KB

.orpc
Size: 512B - Virtual size: 289B

.import
Size: 512B - Virtual size: 193B