b4b2bd652db9894ceacd03e8cac1479101265a0f25d62e2d2fcf637de157e2a4

Sharing

Copy URL Twitter E-mail

General

Target

b4b2bd652db9894ceacd03e8cac1479101265a0f25d62e2d2fcf637de157e2a4
Size

281KB
MD5

62e26eef9e075b9e812eccb6b3e6e55e
SHA1

632af4b1ffeb6151cfb8d72df9721690e9c947cd
SHA256

b4b2bd652db9894ceacd03e8cac1479101265a0f25d62e2d2fcf637de157e2a4
SHA512

3fce55cc73c022ed0720d5a0094111645b4d49455105d261711e891febb847df224820d6eacd3ae96426ac2537d5896a3f14662ee855bb83e705fb6ddb18dffb
SSDEEP

6144:JDOPvkeTkeieZXbMnb0F648hXVu7ryf1s4eb+4fMm/B4A:JNlHelwb0F648NVz/4fMmOA

Score

N/A

Malware Config

Signatures

Files

b4b2bd652db9894ceacd03e8cac1479101265a0f25d62e2d2fcf637de157e2a4
.exe windows x86

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2

rpcrt4

UuidCreate

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
InitializeSecurityDescriptor

ws2_32

WSCInstallProvider
WSACleanup
WSCGetProviderPath
WSCWriteProviderOrder
WSAStartup
WSCDeinstallProvider
WSCEnumProtocols

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapReAlloc
ReadFile
EnumSystemLocalesA
GetSystemDirectoryA
HeapDestroy
CloseHandle
HeapFree
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
GetOEMCP
SetEndOfFile
GetConsoleOutputCP
VirtualAlloc
WriteFile
SetUnhandledExceptionFilter
GetCommandLineA
SetStdHandle
TlsGetValue
CreateFileA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetStdHandle
SetLastError
GetModuleHandleW
VirtualFree
SetHandleCount
GetConsoleCP
IsValidCodePage
WriteConsoleW
GetFileType
SetFilePointer
FreeEnvironmentStringsW
GetTimeFormatA
EnterCriticalSection
WriteConsoleA
HeapAlloc
TlsSetValue
GetUserDefaultLCID
LeaveCriticalSection
RtlUnwind
LCMapStringA
RaiseException
GetTempPathA
GetSystemTime
ExpandEnvironmentStringsA
GetACP
TlsFree
FreeEnvironmentStringsA
HeapSize
GetConsoleMode
SystemTimeToFileTime
FreeLibrary
IsDebuggerPresent
LCMapStringW
IsValidLocale
GetProcessHeap
TlsAlloc
FileTimeToSystemTime
GetCurrentThreadId
DeleteCriticalSection
VirtualAllocEx

esent

JetCreateIndex
JetGetLS
JetSetColumnDefaultValue
JetDelete
JetInit2
JetDupCursor
JetCreateDatabase2
JetGetDatabaseFileInfo
JetOSSnapshotFreeze
JetCloseFileInstance
JetGetTableColumnInfo
JetBackupInstance
JetTerm
JetGetInstanceInfo
JetCloseDatabase
JetPrepareToCommitTransaction
JetUpgradeDatabase
JetOSSnapshotThaw
JetGetSecondaryIndexBookmark
JetRestore

compstui

GetCPSUIUserData
CommonPropertySheetUIW
SetCPSUIUserData

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

Imports

ole32

rpcrt4

advapi32

ws2_32

kernel32

esent

compstui

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 249KB - Virtual size: 936KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 249KB - Virtual size: 936KB

.rsrc
Size: 5KB - Virtual size: 5KB