85707449995a7f7f81916d73f99510dce5be2797b055c38c62a040a870ac1a92

Sharing

Copy URL Twitter E-mail

General

Target

85707449995a7f7f81916d73f99510dce5be2797b055c38c62a040a870ac1a92
Size

285KB
MD5

741e1d92f7448942442a41d7c2b88825
SHA1

60ae7f9152bf123f2d4649180d729f368da277dc
SHA256

85707449995a7f7f81916d73f99510dce5be2797b055c38c62a040a870ac1a92
SHA512

8440891d670e0dc130f687462f8c8e5192cbdcd85327f5086bf02112b5105048e07c2029a29e874dcc233cbe507d6bd02884d1bb986d8ab08c233986440e902d
SSDEEP

3072:k+8D+0oVzMVCqEAgcDRKqZmv8oMTHVgNdo1eQXDosPKNM+DgENeOGq+F3uT/xqpq:JZ1XAgcDaEoOHY6JcoKpxlTJ49u3md

Score

N/A

Malware Config

Signatures

Files

85707449995a7f7f81916d73f99510dce5be2797b055c38c62a040a870ac1a92
.exe windows x86

cd564f450beec7071c33f170a9d4a142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HWND_UserSize
HWND_UserMarshal
HWND_UserFree
HWND_UserUnmarshal

oleaut32

BSTR_UserUnmarshal
BSTR_UserSize
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserMarshal
VARIANT_UserFree
VARIANT_UserUnmarshal
BSTR_UserFree

rpcrt4

CStdStubBuffer_QueryInterface
CStdStubBuffer_Disconnect
NdrClientCall2
CStdStubBuffer_Connect
NdrOleAllocate
NdrOleFree
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrDllCanUnloadNow
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerQueryInterface
IUnknown_Release_Proxy
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
NdrDllGetClassObject
NdrStubCall2
NdrStubForwardingFunction
NdrDllRegisterProxy

kernel32

LeaveCriticalSection
HeapSize
GetFileType
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetACP
InitializeCriticalSectionAndSpinCount
GetCommandLineA
HeapFree
GetOEMCP
HeapReAlloc
IsProcessorFeaturePresent
TlsSetValue
SetLastError
SetUnhandledExceptionFilter
WriteFile
WideCharToMultiByte
HeapDestroy
GetSystemTimeAsFileTime
RtlUnwind
TlsAlloc
HeapAlloc
IsValidCodePage
TlsGetValue
GetCurrentThreadId
DeleteCriticalSection
IsDebuggerPresent
TlsFree
SetHandleCount
GetStdHandle
GetModuleHandleW
EnterCriticalSection
LCMapStringW
GetCurrentDirectoryW
VirtualAlloc
lstrlenA

certcli

CASetCAExpiration
CAOIDCreateNew
CACloseCertType
CASetCertTypeFlagsEx
CACertTypeUnregisterQuery
CACertTypeAccessCheckEx
CAGetCACertificate

kbdcr

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 138KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd564f450beec7071c33f170a9d4a142

Headers

File Characteristics

Imports

ole32

oleaut32

rpcrt4

kernel32

certcli

kbdcr

Sections

.text Size: 20KB - Virtual size: 20KB

.bss Size: 72KB - Virtual size: 598KB

.reloc Size: 138KB - Virtual size: 446KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 35KB - Virtual size: 200KB

.rsrc Size: 15KB - Virtual size: 115KB

.text
Size: 20KB - Virtual size: 20KB

.bss
Size: 72KB - Virtual size: 598KB

.reloc
Size: 138KB - Virtual size: 446KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 35KB - Virtual size: 200KB

.rsrc
Size: 15KB - Virtual size: 115KB