1f886a84a2673ef0ead5ecf7e563d66e9e46d97f2b0c47067691341c9fa07380

General

Target

1f886a84a2673ef0ead5ecf7e563d66e9e46d97f2b0c47067691341c9fa07380
Size

802KB
MD5

507291b676879243808dd802bf143a50
SHA1

0500337cf42d8740126977d6fdaf21d631b376ef
SHA256

1f886a84a2673ef0ead5ecf7e563d66e9e46d97f2b0c47067691341c9fa07380
SHA512

97feab76005f12d7af858337e2c81becc5c459d383a6217650e54d93257550ab1061c9d9e0a3a7e759305c502b38526f69d202aa9c629e1cee9ed134916d7759
SSDEEP

24576:cbKkWhD9AOdJTnFAhKyiUhX54IdqcZ3T5oSgMzdjrGH:vIOdJTS4UHUcT5oSJdj

Score

N/A

Malware Config

Signatures

Files

1f886a84a2673ef0ead5ecf7e563d66e9e46d97f2b0c47067691341c9fa07380
.exe windows x86

b4a210adaa2f5cdf98c530d8f7d11d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadConsoleA
GetStartupInfoA
ReadConsoleA
DeleteFileW
PulseEvent
TlsGetValue
lstrlenA
HeapFree
GetLogicalDrives
ReadConsoleA
ReleaseMutex
GetLastError
FindAtomW
CloseHandle
GetPrivateProfileSectionA
GetVolumePathNameW
LoadLibraryW
GetDriveTypeA
VirtualProtect
Sleep
GetStringTypeW

clbcatq

ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
SetupOpen
CheckMemoryGates
ComPlusMigrate
DllGetClassObject
DllGetClassObject
SetupOpen
CheckMemoryGates
SetupOpen
ComPlusMigrate
CheckMemoryGates

gpedit

DllCanUnloadNow
DllGetClassObject
BrowseForGPO
ExportRSoPData

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4a210adaa2f5cdf98c530d8f7d11d46

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 1024B

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 795KB - Virtual size: 795KB

.orpc Size: 512B - Virtual size: 289B

.import Size: 512B - Virtual size: 38B

.text
Size: 1024B - Virtual size: 1024B

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 795KB - Virtual size: 795KB

.orpc
Size: 512B - Virtual size: 289B

.import
Size: 512B - Virtual size: 38B