bf51c37c8818cac25885333efa951cf29f9b1cfb9b2889c5549a4a6da9e34b36

Sharing

Copy URL

Twitter E-mail

General

Target

bf51c37c8818cac25885333efa951cf29f9b1cfb9b2889c5549a4a6da9e34b36
Size

68KB
MD5

3ecd6bb227fe7b96df574713376c9e70
SHA1

29172da00995441797554be53f042397d31888cc
SHA256

bf51c37c8818cac25885333efa951cf29f9b1cfb9b2889c5549a4a6da9e34b36
SHA512

bea7d35588692075245c1b180689497df7a89f25bd788a78e926b9471077b6b4064372d754dd486ca8e06ee3eac7e50e9dd8a111b755b8878a656d1dd3799c94
SSDEEP

768:mG8ZgT6vbWtGp9dWK9Ec+9K1MByu+wQR6Wytd/2:mDiT6v1pWKSon246Wq

Score

N/A

Malware Config

Signatures

Files

bf51c37c8818cac25885333efa951cf29f9b1cfb9b2889c5549a4a6da9e34b36
.exe windows x86

ea5897ad5a8881bdf62c831a58ffd50f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysAllocString
VariantCopy
SysFreeString
VariantClear

user32

CharUpperW
CharNextW
CharLowerW

ole32

CoTaskMemRealloc
CoCreateGuid
CoCreateInstance
PropVariantClear
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

kernel32

HeapReAlloc
RemoveDirectoryW
HeapDestroy
SetFileTime
SetUnhandledExceptionFilter
DeleteCriticalSection
GlobalFree
WaitForSingleObject
VirtualFree
GetModuleHandleW
ReadFile
GetTempFileNameW
CreateSemaphoreW
GetCurrentThreadId
FindFirstFileW
LoadResource
CloseHandle
lstrlenW
SetLastError
ResetEvent
DeleteFileW
LocalAlloc
LockResource
LeaveCriticalSection
FreeLibrary
DisableThreadLibraryCalls
SizeofResource
WriteFile
LoadLibraryExW
GetSystemTimeAsFileTime
CreateEventW
OutputDebugStringW
FindResourceW
lstrcmpiW
RaiseException
FindClose
GetSystemInfo
HeapAlloc
CreateFileW
MoveFileExW
WideCharToMultiByte
GetSystemDefaultLangID
LocalFree
WaitForMultipleObjects
GetTempPathW
GetLocalTime
ReleaseSemaphore
GetProcessHeap
EnterCriticalSection
HeapSize
HeapFree
UnhandledExceptionFilter
SetFileAttributesW
CopyFileW
IsDebuggerPresent
GetFileSize
VirtualAlloc
FindResourceExW
FindNextFileW
GetModuleHandleA

certcli

CAUpdateCA
CAIsCertTypeCurrent
CASetCertTypeFlags
CASetCertTypeExpiration
CAOIDGetLdapURL
CAFreeCertTypeExtensions
CACertTypeUnregisterQuery
CAGetCAFlags
CADeleteLocalAutoEnrollmentObject

atl

AtlModuleUnregisterServerEx
AtlFreeMarshalStream
AtlAxCreateDialogW
AtlModuleUnregisterServer
AtlModuleRegisterTypeLib
AtlUnmarshalPtr
AtlIPersistStreamInit_Load

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ZOUGA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qWzcyeM
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mAldljM
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xzresMp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JiFHgMp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IHzgrMp
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lrIufMp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea5897ad5a8881bdf62c831a58ffd50f

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

ole32

kernel32

certcli

atl

Sections

.text Size: 24KB - Virtual size: 23KB

.ZOUGA Size: 2KB - Virtual size: 1KB

.qWzcyeM Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 18KB

.mAldljM Size: 4KB - Virtual size: 4KB

.xzresMp Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 113KB

.JiFHgMp Size: 2KB - Virtual size: 2KB

.IHzgrMp Size: 512B - Virtual size: 244B

.rsrc Size: 11KB - Virtual size: 11KB

.lrIufMp Size: 3KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.ZOUGA
Size: 2KB - Virtual size: 1KB

.qWzcyeM
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 18KB

.mAldljM
Size: 4KB - Virtual size: 4KB

.xzresMp
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 113KB

.JiFHgMp
Size: 2KB - Virtual size: 2KB

.IHzgrMp
Size: 512B - Virtual size: 244B

.rsrc
Size: 11KB - Virtual size: 11KB

.lrIufMp
Size: 3KB - Virtual size: 2KB