ee8e8238f4d825095bf390b8c766080c6ff623fffdc2eaf4c071e8b920bf3673

Sharing

Copy URL

Twitter E-mail

General

Target

ee8e8238f4d825095bf390b8c766080c6ff623fffdc2eaf4c071e8b920bf3673
Size

285KB
MD5

9eedb1ecd7402bd1bf70598d122304e7
SHA1

b644283b50af9ec9cf2830e01e9a3679b6c3af6f
SHA256

ee8e8238f4d825095bf390b8c766080c6ff623fffdc2eaf4c071e8b920bf3673
SHA512

60c0814452f246732750397b00e170a66f5ad242a388fc34fcb0bd3751e321755f3040dca1285a12140d72433e899e3bf9473536b1d27167285bd71c896cc845
SSDEEP

3072:k+8D+0oVzMVCqEAgcDRKqZmv8oMTHVgNdo1eQXDosPKNM+DgENeOGq+F3uT/xqpq:JZ1XAgcDaEoOHY6JcoKpxlTJ49u3md

Score

N/A

Malware Config

Signatures

Files

ee8e8238f4d825095bf390b8c766080c6ff623fffdc2eaf4c071e8b920bf3673
.exe windows x86

cd564f450beec7071c33f170a9d4a142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HWND_UserSize
HWND_UserMarshal
HWND_UserFree
HWND_UserUnmarshal

oleaut32

BSTR_UserUnmarshal
BSTR_UserSize
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserMarshal
VARIANT_UserFree
VARIANT_UserUnmarshal
BSTR_UserFree

rpcrt4

CStdStubBuffer_QueryInterface
CStdStubBuffer_Disconnect
NdrClientCall2
CStdStubBuffer_Connect
NdrOleAllocate
NdrOleFree
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrDllCanUnloadNow
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerQueryInterface
IUnknown_Release_Proxy
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
NdrDllGetClassObject
NdrStubCall2
NdrStubForwardingFunction
NdrDllRegisterProxy

kernel32

LeaveCriticalSection
HeapSize
GetFileType
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetACP
InitializeCriticalSectionAndSpinCount
GetCommandLineA
HeapFree
GetOEMCP
HeapReAlloc
IsProcessorFeaturePresent
TlsSetValue
SetLastError
SetUnhandledExceptionFilter
WriteFile
WideCharToMultiByte
HeapDestroy
GetSystemTimeAsFileTime
RtlUnwind
TlsAlloc
HeapAlloc
IsValidCodePage
TlsGetValue
GetCurrentThreadId
DeleteCriticalSection
IsDebuggerPresent
TlsFree
SetHandleCount
GetStdHandle
GetModuleHandleW
EnterCriticalSection
LCMapStringW
GetCurrentDirectoryW
VirtualAlloc
lstrlenA

certcli

CASetCAExpiration
CAOIDCreateNew
CACloseCertType
CASetCertTypeFlagsEx
CACertTypeUnregisterQuery
CACertTypeAccessCheckEx
CAGetCACertificate

kbdcr

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 138KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd564f450beec7071c33f170a9d4a142

Headers

File Characteristics

Imports

ole32

oleaut32

rpcrt4

kernel32

certcli

kbdcr

Sections

.text Size: 20KB - Virtual size: 20KB

.bss Size: 72KB - Virtual size: 598KB

.reloc Size: 138KB - Virtual size: 446KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 35KB - Virtual size: 200KB

.rsrc Size: 15KB - Virtual size: 115KB

.text
Size: 20KB - Virtual size: 20KB

.bss
Size: 72KB - Virtual size: 598KB

.reloc
Size: 138KB - Virtual size: 446KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 35KB - Virtual size: 200KB

.rsrc
Size: 15KB - Virtual size: 115KB