f5cf4354220b349af1399d3f858ea4ff671db7892596b11c74e9deee9fd938c7

Sharing

Copy URL Twitter E-mail

General

Target

f5cf4354220b349af1399d3f858ea4ff671db7892596b11c74e9deee9fd938c7
Size

605KB
MD5

3ba7571118f31861dc6566b24aacecb1
SHA1

11ef748fe20969543f3d7d004cb9d99603aeae03
SHA256

f5cf4354220b349af1399d3f858ea4ff671db7892596b11c74e9deee9fd938c7
SHA512

1effb5a1475199cdf307916ef91894bc6de6db60136bd54c05b29f1aa52d27aee4759f670290ca22ee9dbc754b9cfe3de3543475c247e6fd24f0736039d244ff
SSDEEP

12288:OPT1D/TP5vttQjIbcbFzkDO//w/Bz2hKHrZzij:wZAMkFv//wZHt+

Score

N/A

Malware Config

Signatures

Files

f5cf4354220b349af1399d3f858ea4ff671db7892596b11c74e9deee9fd938c7
.exe windows x86

bb600f3d25c27f764acc08c2689971a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msoert2

AppendTempFileList

shlwapi

AssocCreate
AssocGetPerceivedType
AssocIsDangerous
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
DelayLoadFailureHook
DllGetVersion
GetAcceptLanguagesA
GetAcceptLanguagesW
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
IsCharSpaceA
IsCharSpaceW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathAppendW
PathBuildRootA

kernel32

AllocConsole
CreateFileA
GetWindowsDirectoryA
AllocConsole
AttachConsole
AllocConsole
GetPrivateProfileStringA
IsBadWritePtr
GetCommandLineW

lz32

LZSeek
LZRead

mscat32

CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember

advpack

AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry

Sections

.text
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 270KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 549KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb600f3d25c27f764acc08c2689971a2

Headers

File Characteristics

Imports

msoert2

shlwapi

kernel32

lz32

mscat32

advpack

Sections

.text Size: 30KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 270KB

.rsrc Size: 549KB - Virtual size: 552KB

.text
Size: 30KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 270KB

.rsrc
Size: 549KB - Virtual size: 552KB