9c8c97deaa93dbeae9b5f76c9cd98482feaee46a864ebbf13504be24a9af5e80

General

Target

9c8c97deaa93dbeae9b5f76c9cd98482feaee46a864ebbf13504be24a9af5e80
Size

42KB
MD5

e2da31400247e064753ba3d8a95488e3
SHA1

199258ed1d0a3cd3ac051f7bff537a689a0dfdc5
SHA256

9c8c97deaa93dbeae9b5f76c9cd98482feaee46a864ebbf13504be24a9af5e80
SHA512

d2362b3c84787273f487f414b0d760b72f5e1fd2192be4063e8aedc3bf3ea141dba820ec37e96000900d0b5a223435c978232008d5b1a1d5c86f36dc1c4d868b
SSDEEP

384:t9GDPheUvamoTum2gdDNMgRAQFTgj9td9i6HX68tGlV:tOeUvoTuoSQFgj9ZD

Score

N/A

Malware Config

Signatures

Files

9c8c97deaa93dbeae9b5f76c9cd98482feaee46a864ebbf13504be24a9af5e80
.exe windows x86

c1778eee7380f6c9ec194d730d31de95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemTime
GetACP
GetSystemTime
GetVersionExA
PeekConsoleInputA
EnumCalendarInfoW
CallNamedPipeW
GetSystemTimes
_lread
CreateFileA
GetTickCount

shell32

SHGetSpecialFolderPathA

esent

JetGetLogInfo
JetGotoBookmark
JetGetTableIndexInfo

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

Sections

Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

1
Size: 10KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1778eee7380f6c9ec194d730d31de95

Headers

File Characteristics

Imports

kernel32

shell32

esent

pdh

Sections

Size: 6KB - Virtual size: 20KB

1 Size: 10KB - Virtual size: 82KB

2 Size: 21KB - Virtual size: 24KB

3 Size: 2KB - Virtual size: 2KB

4 Size: 2KB - Virtual size: 2KB

1
Size: 10KB - Virtual size: 82KB

2
Size: 21KB - Virtual size: 24KB

3
Size: 2KB - Virtual size: 2KB

4
Size: 2KB - Virtual size: 2KB