b69fcae5ac28dc0ad25019d8af97cc64c021df4179b4b73079e138877d086e2b

General

Target

b69fcae5ac28dc0ad25019d8af97cc64c021df4179b4b73079e138877d086e2b
Size

801KB
MD5

066a09cdf0d60fdea3e69403731296e8
SHA1

0519099e83be0976a443e3d65c6d0c0c31162de2
SHA256

b69fcae5ac28dc0ad25019d8af97cc64c021df4179b4b73079e138877d086e2b
SHA512

0d70156c965684dc53f0a636cfe3edc0dcf7c7a64e858de55645684e13c5b39c0abfd4ba4ab57b93a3ef13ff5d9d1f09db722eff0613c30c4fbef918f348595e
SSDEEP

24576:vQQe/mxBkIUtXWNPWbObHKuGKt7//IypC7Fpm:4Qe/ptXjKrjN/NM7

Score

N/A

Malware Config

Signatures

Files

b69fcae5ac28dc0ad25019d8af97cc64c021df4179b4b73079e138877d086e2b
.exe windows x86

e59421453d0e30569431346cc52235c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
GetVolumePathNameA
CreateEventW
SetLastError
VirtualProtect
CreateEventW
GetProcessHeap
CreateEventW
HeapFree
GetProcessVersion
ResumeThread
GetCurrentThread
TlsGetValue
FindAtomW
DeleteFileA
GetStartupInfoA
SuspendThread
LoadLibraryW
GetPrivateProfileSectionA
GetDriveTypeA
GetStringTypeW

clbcatq

CheckMemoryGates
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
SetupOpen
SetupOpen
DllGetClassObject
CheckMemoryGates
SetupOpen
ComPlusMigrate
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates

gpedit

DllCanUnloadNow
BrowseForGPO
DllGetClassObject
ExportRSoPData

Sections

.text
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e59421453d0e30569431346cc52235c1

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 960B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 795KB - Virtual size: 795KB

.orpc Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 960B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 795KB - Virtual size: 795KB

.orpc
Size: 512B - Virtual size: 4KB