b9cc00593e2b386195023ac87a4c2d28cb6bdf5a41dae798f38708b9a25e2891

General

Target

b9cc00593e2b386195023ac87a4c2d28cb6bdf5a41dae798f38708b9a25e2891
Size

81KB
MD5

4ac0f21b8df8af4173446c6fdacd595a
SHA1

1f0e5af98698c1e79387b2fd5580ab454b8457c6
SHA256

b9cc00593e2b386195023ac87a4c2d28cb6bdf5a41dae798f38708b9a25e2891
SHA512

9833982e69a153a63a535a42c32675658ae4db05bfc10d8a604366955027344bea9f9961fb932d704537fb8778bda5763d236c66e9a4cfe02b6c4bcefc8fbf10
SSDEEP

1536:jdJbEXo9Fl8owD9THv34MyDCQ8ijjyae8dB9SaHCz1ms+Dkj:xhmo9Fl78RI7pyaeaB9VC4Dk

Score

N/A

Malware Config

Signatures

Files

b9cc00593e2b386195023ac87a4c2d28cb6bdf5a41dae798f38708b9a25e2891
.exe windows x86

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
lstrlenW
GetFileAttributesA
GetFileAttributesW
GetExitCodeProcess
GetACP
lstrcpyW
GetCurrentProcess
SetHandleCount
GetConsoleMode
GetStdHandle
GetCommandLineW
EnterCriticalSection
ExitProcess
GetFileSize
LockResource
ResumeThread
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetProcAddress
VirtualProtect
CreateFileA

ole32

CoMarshalInterface
StgIsStorageFile
CLSIDFromString
MkParseDisplayName
PropVariantCopy
CoUnmarshalInterface
OleRegEnumFormatEtc
StgCreateDocfileOnILockBytes
CreateOleAdviseHolder
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CreateDataAdviseHolder
CreateBindCtx
CoImpersonateClient

version

GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileW
VerQueryValueW

ntdll

RtlRunEncodeUnicodeString
RtlInitializeCriticalSection
NtConnectPort
NlsMbOemCodePageTag
_wcslwr
RtlQueryEnvironmentVariable_U
RtlCreateUnicodeStringFromAsciiz
NtOpenProcess
RtlInitializeCriticalSectionAndSpinCount
RtlGetDaclSecurityDescriptor
NtSetInformationThread
NtUnmapViewOfSection
NtFsControlFile
RtlUnicodeToMultiByteN
NtQueryDirectoryFile
NtEnumerateValueKey
RtlDestroyEnvironment
RtlFreeUnicodeString
RtlAcquireResourceShared

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

Imports

kernel32

ole32

version

ntdll

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 56KB - Virtual size: 117KB

.idata Size: 8KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 56KB - Virtual size: 117KB

.idata
Size: 8KB - Virtual size: 8KB