1cafff0eb6f9b746d49ce3e6b29dc0581145df229089c43f234693a7f3c01911

Sharing

Copy URL Twitter E-mail

General

Target

1cafff0eb6f9b746d49ce3e6b29dc0581145df229089c43f234693a7f3c01911
Size

254KB
MD5

3986dcdabb655a9cdbc4fbab87a37030
SHA1

db6a384df455681b00fb66099b727be0b22f43f2
SHA256

1cafff0eb6f9b746d49ce3e6b29dc0581145df229089c43f234693a7f3c01911
SHA512

c4fc9eb46400dced3e14d3840d20be8609ee8caf57d954c26c2c24c7aecde11d8766a3bda108dc0cc73f52d0f5e179d7b0bd7416320777aba493f2894784bcc7
SSDEEP

6144:+nYVGMDuEdj0IGBIfc2fXiID7XIEydoWN:8YjLjXfc2/DDUEydou

Score

N/A

Malware Config

Signatures

Files

1cafff0eb6f9b746d49ce3e6b29dc0581145df229089c43f234693a7f3c01911
.exe windows x86

5e2f7d3cd8a7acdff01944fe579fbe5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoInitialize

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

SysFreeString
SysAllocStringLen

wsock32

ioctlsocket
inet_addr

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExA
OpenProcessToken
FreeSid
GetTokenInformation
RegCloseKey
RegQueryValueExA
AllocateAndInitializeSid
EqualSid

kernel32

GetModuleHandleA
FileTimeToSystemTime
OutputDebugStringA
FormatMessageA
WideCharToMultiByte
FreeLibrary
LoadLibraryExA
GetSystemDirectoryA
CloseHandle
DeleteCriticalSection
HeapAlloc
HeapFree
LocalFree
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryA
SetLastError
GetCurrentThreadId
GetProcessHeap
GetTimeZoneInformation
lstrcmpiA
GetCommandLineW
GetACP
VirtualAlloc

shell32

SHGetFileInfoA

user32

PostMessageA
LoadIconA
EnumThreadWindows
SetFocus
GetSystemMetrics
LockWindowUpdate
DestroyIcon
DrawIconEx

esent

JetCreateIndex
JetGetLS
JetGetAttachInfo
JetOpenFileInstance
JetCreateTableColumnIndex2
JetCreateTableColumnIndex
JetGetDatabaseInfo
JetGetAttachInfoInstance
JetPrepareToCommitTransaction
JetTruncateLog
JetSetSessionContext
JetDefragment2
JetSetIndexRange

cmutil

MakeBold
CmBuildFullPathFromRelativeW
CmLoadIconA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e2f7d3cd8a7acdff01944fe579fbe5b

Headers

File Characteristics

Imports

ole32

version

oleaut32

wsock32

comdlg32

advapi32

kernel32

shell32

user32

esent

cmutil

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 227KB - Virtual size: 551KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 227KB - Virtual size: 551KB

.rsrc
Size: 3KB - Virtual size: 2KB