86b0822d36ab2ffca4087ce9e04f971323ece41049e74770c330197009b4557a

Sharing

Copy URL Twitter E-mail

General

Target

86b0822d36ab2ffca4087ce9e04f971323ece41049e74770c330197009b4557a
Size

105KB
MD5

e3a798b055575a1b5793908f1a011035
SHA1

00e5f549b51d77738814d9bf6a02ebc545a80aa0
SHA256

86b0822d36ab2ffca4087ce9e04f971323ece41049e74770c330197009b4557a
SHA512

3a77ec5758177534c382105acaec0ca6ec2069719ac8311cd52551aaa430ab83e3203a72dce81aa39f805a62dfcbc94cdd862280f9ef55fda2a00a0f30b2ed82
SSDEEP

1536:iJPmAHnTcXKD0IhojSE9fkyIg6hq5vhaGbihPTMDIdCOgl8moNWZn2y5rkINQBEB:ipmKYXvRSmkxg6hQPRGgemFXkOEE

Score

N/A

Malware Config

Signatures

Files

86b0822d36ab2ffca4087ce9e04f971323ece41049e74770c330197009b4557a
.exe windows x86

5d1e4a91d432c9eb6d69554b27071678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

CStdStubBuffer_Disconnect
RpcServerUseProtseqEpW
RpcStringFreeA
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
IUnknown_Release_Proxy
UuidFromStringW
NdrClientCall2
CStdStubBuffer_Connect
RpcStringFreeW
NdrOleFree
UuidToStringA
RpcBindingVectorFree
CStdStubBuffer_CountRefs
RpcImpersonateClient
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer_Release
RpcBindingSetAuthInfoExW
NdrCStdStubBuffer2_Release
NdrStubCall2
NdrOleAllocate
RpcServerUnregisterIf
RpcStringBindingComposeW
CStdStubBuffer_AddRef
RpcServerRegisterAuthInfoW
CStdStubBuffer_QueryInterface
RpcEpResolveBinding
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW

kernel32

InterlockedIncrement
CreateFileW
GlobalFree
GetStartupInfoA
FormatMessageA
GetFullPathNameW
VirtualAlloc
IsBadWritePtr
SystemTimeToFileTime
CreateDirectoryA
FindClose
GetProcAddress
GetStringTypeA
GetWindowsDirectoryA
OutputDebugStringA
DisableThreadLibraryCalls
lstrcpynW
GetSystemDirectoryA
ExitProcess
CreateProcessW
lstrcmpA
FileTimeToSystemTime

oleaut32

SafeArrayCreate
SafeArrayGetUBound
VariantCopyInd
VariantChangeType
VariantInit
CreateErrorInfo
SafeArrayPtrOfIndex
VariantClear
SafeArrayPutElement
VariantCopy
LoadTypeLib
SysAllocStringByteLen
SysAllocStringLen
SysReAllocStringLen
SysFreeString
SafeArrayUnaccessData
GetActiveObject
OleLoadPicture
RegisterTypeLib
SafeArrayGetLBound
GetErrorInfo
SafeArrayAccessData
SysStringLen
SysStringByteLen

ole32

OleSaveToStream
CreateBindCtx
MkParseDisplayName
CoRevertToSelf
CoInitializeEx
CLSIDFromProgID
OleInitialize
WriteClassStm
PropVariantClear
CoGetMalloc
StringFromCLSID
OleRegEnumVerbs
StgIsStorageFile
CoCreateInstance
StgCreateDocfile
CoReleaseMarshalData
CoRegisterClassObject
ProgIDFromCLSID
OleLoadFromStream
CoCreateFreeThreadedMarshaler
StringFromIID
OleRun
CoSetProxyBlanket
CoTaskMemFree
CoGetInterfaceAndReleaseStream
StringFromGUID2
CoFreeUnusedLibraries

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d1e4a91d432c9eb6d69554b27071678

Headers

File Characteristics

Imports

rpcrt4

kernel32

oleaut32

ole32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 63KB - Virtual size: 124KB

.idata Size: 6KB - Virtual size: 5KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 63KB - Virtual size: 124KB

.idata
Size: 6KB - Virtual size: 5KB