2e8c32503e662701103ebdba78536985723968304537b8899edd95f342a40211

Sharing

Copy URL

Twitter E-mail

General

Target

2e8c32503e662701103ebdba78536985723968304537b8899edd95f342a40211
Size

605KB
MD5

a304a900f11975459c46f80db204c2ea
SHA1

d59db009ec220d35ccffedf4430339c07a342b4d
SHA256

2e8c32503e662701103ebdba78536985723968304537b8899edd95f342a40211
SHA512

fa9d98586372c99cb019fdd4a8ea5b4a06124a3b317a8e5304e72eb236dd5eb5ceed9ecd2a1167539d512cf01567e0d1a5b0da8b0f80ccd177d88c481919b944
SSDEEP

12288:OPT1D/TP5vttQjIbcbFzkDO//w/Bz2hKHrZzij:wZAMkFv//wZHt+

Score

N/A

Malware Config

Signatures

Files

2e8c32503e662701103ebdba78536985723968304537b8899edd95f342a40211
.exe windows x86

bb600f3d25c27f764acc08c2689971a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msoert2

AppendTempFileList

shlwapi

AssocCreate
AssocGetPerceivedType
AssocIsDangerous
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
DelayLoadFailureHook
DllGetVersion
GetAcceptLanguagesA
GetAcceptLanguagesW
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
IsCharSpaceA
IsCharSpaceW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathAppendW
PathBuildRootA

kernel32

AllocConsole
CreateFileA
GetWindowsDirectoryA
AllocConsole
AttachConsole
AllocConsole
GetPrivateProfileStringA
IsBadWritePtr
GetCommandLineW

lz32

LZSeek
LZRead

mscat32

CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember

advpack

AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry

Sections

.text
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 270KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 549KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb600f3d25c27f764acc08c2689971a2

Headers

File Characteristics

Imports

msoert2

shlwapi

kernel32

lz32

mscat32

advpack

Sections

.text Size: 30KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 270KB

.rsrc Size: 549KB - Virtual size: 552KB

.text
Size: 30KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 270KB

.rsrc
Size: 549KB - Virtual size: 552KB