b9b92897c5e8c7ba4559e98df1a3f46d7b7a8b811c27cce8f397609e89d12c18

Sharing

Copy URL Twitter E-mail

General

Target

b9b92897c5e8c7ba4559e98df1a3f46d7b7a8b811c27cce8f397609e89d12c18
Size

605KB
MD5

64fbe84dcb38b5a486c51aa085e5559f
SHA1

46b914345dbda4ebd669612196c8e762ed1f837c
SHA256

b9b92897c5e8c7ba4559e98df1a3f46d7b7a8b811c27cce8f397609e89d12c18
SHA512

91038a64c1e957e6f963270867da0fb94918ffec2492aa00aa8147dfd880d337e5308c126f27254e6df4c68a6136c7e813f7bab792c8b89d39318ff758dce697
SSDEEP

12288:FNr6KnO+uh0Ohca7OhOnwlIImoW4wOzXdsD:Xjuh0OhcIWeWtRwAs

Score

N/A

Malware Config

Signatures

Files

b9b92897c5e8c7ba4559e98df1a3f46d7b7a8b811c27cce8f397609e89d12c18
.exe windows x86

417b16b20ae25ec93bc1862699c3b466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msoert2

AppendTempFileList

msls31

LsCompressSubline
LsCreateContext
LsCreateLine
LsCreateSubline
LsDestroyContext
LsDestroyLine
LsDestroySubline
LsDisplayLine
LsDisplaySubline
LsEnumLine
LsEnumSubline
LsExpandSubline
LsFindNextBreakSubline
LsFindPrevBreakSubline
LsFinishCurrentSubline
LsForceBreakSubline
LsGetHihLsimethods
LsGetLineDur
LsGetMinDurBreaks
LsGetReverseLsimethods
LsGetRubyLsimethods
LsGetWarichuLsimethods
LsLwMultDivR
LsMatchPresSubline
LsModifyLineHeight
LsPointUV2FromPointUV1
LsPointXYFromPointUV
LsQueryCpPpointSubline
LsQueryFLineEmpty
LsQueryLineCpPpoint
LsQueryLineDup

kernel32

AllocConsole
CreateFileA
GetWindowsDirectoryA
AllocConsole
AttachConsole
AllocConsole
GetCurrencyFormatA
QueryDosDeviceA
GetTempPathW

lz32

LZSeek
LZRead

mscat32

CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember

advpack

AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry

Sections

.text
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 270KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 549KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

417b16b20ae25ec93bc1862699c3b466

Headers

File Characteristics

Imports

msoert2

msls31

kernel32

lz32

mscat32

advpack

Sections

.text Size: 30KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 270KB

.rsrc Size: 549KB - Virtual size: 552KB

.text
Size: 30KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 270KB

.rsrc
Size: 549KB - Virtual size: 552KB