860983178ffb67a93ffc86ea825ea0d7691fc76e878f03b96f2d0a767c45263f

Sharing

Copy URL Twitter E-mail

General

Target

860983178ffb67a93ffc86ea825ea0d7691fc76e878f03b96f2d0a767c45263f
Size

127KB
MD5

e0b79ad0a1bdeefb4d7b4984496091e3
SHA1

a1ecba51d7e8c5eaabaa8d2fc470688cad53c618
SHA256

860983178ffb67a93ffc86ea825ea0d7691fc76e878f03b96f2d0a767c45263f
SHA512

1ce1cbb00484d7e93e9a2fb1ced6d3e3bbdc141c0e1efe01ba572b3423159270795a0b97380849d4d74519ff812bdb30ed7cb7775027d45bbe4ed392a3797788
SSDEEP

1536:cVw5vlCYSzW0NRdWdw20NQOWFPoCLV49wonakoQlZQtic7aLbclbJl2KXs8upPUQ:WwJTwWhQQOWno/qp11c6/BZu

Score

N/A

Malware Config

Signatures

Files

860983178ffb67a93ffc86ea825ea0d7691fc76e878f03b96f2d0a767c45263f
.exe windows x86

fa856b315683d07fd83a14fdb1c1880e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ProgIDFromCLSID
CreateOleAdviseHolder
CLSIDFromString
OleLoadFromStream
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
GetHGlobalFromStream
OleRun
CoInitializeEx
StringFromGUID2
ReadFmtUserTypeStg
CoTaskMemFree
CoCreateFreeThreadedMarshaler
StringFromIID
ReleaseStgMedium
StgOpenStorage
CoReleaseMarshalData
CoInitializeSecurity
CoUninitialize
CoInitialize
CoUnmarshalInterface
CreateStreamOnHGlobal

kernel32

LoadLibraryExW
GetWindowsDirectoryA
TerminateProcess
GetCurrentProcessId
GetOEMCP
CreateProcessW
IsBadWritePtr
GetComputerNameW
IsValidCodePage
FormatMessageA
FreeLibrary
lstrlenW
GetThreadLocale
LocalFree
GetLocalTime
VirtualAlloc
ExitProcess
SetErrorMode
lstrcpynA
lstrcmpW
lstrcmpiW
SetUnhandledExceptionFilter
GetLocaleInfoW
GetWindowsDirectoryW
LeaveCriticalSection
GetTempPathA
QueryPerformanceCounter
LCMapStringW
TlsGetValue
GetCurrentThreadId
GetVersionExW

ntdll

RtlFreeSid
NtCancelIoFile
RtlQueueWorkItem
RtlInitializeCriticalSectionAndSpinCount
wcsncpy
wcscat
RtlFreeAnsiString
NtQuerySystemInformation
NtQueryDirectoryObject
RtlLengthRequiredSid
RtlLengthSid
NlsMbCodePageTag
RtlGetFullPathName_U
NtQueryInformationThread
RtlQueryRegistryValues
RtlClearBits
NtSetInformationProcess
NtQuerySystemTime
RtlGetSaclSecurityDescriptor
RtlQueryEnvironmentVariable_U
RtlInitAnsiString
NtImpersonateAnonymousToken
RtlValidSid
RtlAllocateHeap
NtAllocateLocallyUniqueId
RtlValidRelativeSecurityDescriptor
wcstol
RtlCreateTimer
RtlInitUnicodeString
RtlUpcaseUnicodeStringToOemString
qsort
NtQueryValueKey
RtlLengthSecurityDescriptor
RtlUnicodeStringToOemString
NtTerminateProcess
RtlCreateUnicodeString
RtlAllocateAndInitializeSid
NtFreeVirtualMemory
RtlCreateTimerQueue
RtlSetSaclSecurityDescriptor

msvcrt

__wgetmainargs
time
exit
__p__fmode
iswctype
swscanf
isspace
isleadbyte
iswalpha
memmove
free
__set_app_type
_itoa
_wsplitpath
_vsnprintf
wcspbrk
ceil
_write
_wcsicmp
__p__commode
wcstombs
__setusermatherr
_beginthreadex
_strnicmp

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 65KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa856b315683d07fd83a14fdb1c1880e

Headers

File Characteristics

Imports

ole32

kernel32

ntdll

msvcrt

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 65KB - Virtual size: 176KB

.reloc Size: 512B - Virtual size: 492B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 65KB - Virtual size: 176KB

.reloc
Size: 512B - Virtual size: 492B