cb0131454dd4c351db99ab6f55f7b84d2f9701a385cdd97741591a60b4a0da80

General

Target

cb0131454dd4c351db99ab6f55f7b84d2f9701a385cdd97741591a60b4a0da80
Size

38KB
MD5

aa180f913508dee85de46d50b9a03106
SHA1

4f7caa15c9c1a40ea5446b25575cf4c8936d143d
SHA256

cb0131454dd4c351db99ab6f55f7b84d2f9701a385cdd97741591a60b4a0da80
SHA512

5977c52021a251b08d727b19e42f5c78fb5f3cede368004c8c0a0a971db035a9751fb9f24362b0c9493c11b38c96c31dbb913631378061d7ae62fea28215f63b
SSDEEP

384:xOzhMcXIBKksRhc7mHAwViSNqRZHc91HDxlwdsqat2Wkm:4HhkYgQfPLdl+sUWkm

Score

N/A

Malware Config

Signatures

Files

cb0131454dd4c351db99ab6f55f7b84d2f9701a385cdd97741591a60b4a0da80
.exe windows x86

b4a08775ffc88dfda6db84aea90bac4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemInfo
GetACP
GetVolumeInformationA
GlobalAddAtomA
HeapCreate
RtlZeroMemory
CallNamedPipeW
GetStdHandle
SearchPathA
CreateFileA
GetStringTypeA
TlsFree
ExitThread

shell32

SHGetSpecialFolderPathA

lz32

LZRead
LZCopy

esent

JetGetCounter

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhUpdateLogA
PdhVbCreateCounterPathList
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

Sections

Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

a
Size: 10KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

c
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4a08775ffc88dfda6db84aea90bac4a

Headers

File Characteristics

Imports

kernel32

shell32

lz32

esent

pdh

Sections

Size: 2KB - Virtual size: 20KB

a Size: 10KB - Virtual size: 82KB

b Size: 21KB - Virtual size: 24KB

c Size: 2KB - Virtual size: 2KB

d Size: 2KB - Virtual size: 2KB

a
Size: 10KB - Virtual size: 82KB

b
Size: 21KB - Virtual size: 24KB

c
Size: 2KB - Virtual size: 2KB

d
Size: 2KB - Virtual size: 2KB