12af6f1ae79271911c58ef4b7d76e4c93b1776a6424d2d9adbcb6fbec2f16e35

Sharing

Copy URL

Twitter E-mail

General

Target

12af6f1ae79271911c58ef4b7d76e4c93b1776a6424d2d9adbcb6fbec2f16e35
Size

606KB
MD5

d0ec1549a11bede64f0fbc914d146f45
SHA1

ff9ddd186f935e33cb91aa8af5f7426b1801ac6d
SHA256

12af6f1ae79271911c58ef4b7d76e4c93b1776a6424d2d9adbcb6fbec2f16e35
SHA512

8b0dc333cec1c8d7489dab301baeffda82692c20ac6ef0aaaaa042175d5891788b3013ccb271a764481dbe79f6b72d7b3321a5e39c1c9c6a0a20471e3540579b
SSDEEP

12288:l3QU/1ZF3fcoUbvnMLg4TKX/vuvUr8yPWIFQsc7uK7lsO:1Zz3fcrbvt3ucrXOb/7nZs

Score

N/A

Malware Config

Signatures

Files

12af6f1ae79271911c58ef4b7d76e4c93b1776a6424d2d9adbcb6fbec2f16e35
.exe windows x86

362098548ba9798cfd18deecf84bd218

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msoert2

AppendTempFileList

shlwapi

AssocCreate
AssocGetPerceivedType
AssocIsDangerous
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
DelayLoadFailureHook
DllGetVersion
GetAcceptLanguagesA
GetAcceptLanguagesW
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
IsCharSpaceA
IsCharSpaceW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathAppendW
PathBuildRootA

kernel32

AllocConsole
CreateFileA
GetWindowsDirectoryA
AllocConsole
AttachConsole
AllocConsole
SizeofResource
GetConsoleFontInfo
GetTempPathW

lz32

LZSeek
LZRead

mscat32

CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember

advpack

AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 270KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 549KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

362098548ba9798cfd18deecf84bd218

Headers

File Characteristics

Imports

msoert2

shlwapi

kernel32

lz32

mscat32

advpack

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 270KB

.rsrc Size: 549KB - Virtual size: 552KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 270KB

.rsrc
Size: 549KB - Virtual size: 552KB