79c3bb81035b717d8a08c6b096fd407dd0ba720dbdbc41d9cd28978ce4a1598a

General

Target

79c3bb81035b717d8a08c6b096fd407dd0ba720dbdbc41d9cd28978ce4a1598a
Size

149KB
MD5

61108d6165a839ec0c796bd7337c9afe
SHA1

2d46d4c40c3b1e7e2eb5d7d5103c5a01b38d49ab
SHA256

79c3bb81035b717d8a08c6b096fd407dd0ba720dbdbc41d9cd28978ce4a1598a
SHA512

72762a66f29fc141e04c64c428e793ce2bc47b9c500806067fb81846a24444bb830826cff72286d38474a4c8a6a3505914ca33bfd6dce8e0fa18c94f39d71e40
SSDEEP

3072:wjOAlkemWRSgkjlTLr5LUMwjckH5DgLYUkCBuAoTbYha9khpg7l9Luk:wjMCSgkjlTLdpKg8nCBuAoQha9k49p

Score

N/A

Malware Config

Signatures

Files

79c3bb81035b717d8a08c6b096fd407dd0ba720dbdbc41d9cd28978ce4a1598a
.exe windows x86

9604d75a409b2d180d748fc43f6cfff7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

NdrStubForwardingFunction
NdrStubCall2
IUnknown_QueryInterface_Proxy
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
NdrOleAllocate
NdrDllCanUnloadNow
NdrDllRegisterProxy
CStdStubBuffer_Connect
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerRelease

msvcrt

malloc
_initterm
_adjust_fdiv
free

mpr

WNetOpenEnumA

ntdll

LdrUnloadDll
NtAllocateVirtualMemory

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9604d75a409b2d180d748fc43f6cfff7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

msvcrt

mpr

ntdll

Sections

.text Size: 64KB - Virtual size: 63KB

.rsrc Size: 11KB - Virtual size: 11KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 10KB - Virtual size: 352KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 11KB - Virtual size: 11KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 10KB - Virtual size: 352KB

.reloc
Size: 512B - Virtual size: 20B