bdb0e13317883c8f6befda423ee602fba9e1bd0dcf37c77a3eb87550ebea4ae6

Sharing

Copy URL Twitter E-mail

General

Target

bdb0e13317883c8f6befda423ee602fba9e1bd0dcf37c77a3eb87550ebea4ae6
Size

307KB
MD5

f0fc25b7e9d5867cca56d883981609c3
SHA1

b3f6c8af0c3b1ba1b11388ddda378a0ef9699ee4
SHA256

bdb0e13317883c8f6befda423ee602fba9e1bd0dcf37c77a3eb87550ebea4ae6
SHA512

28213cd4c3030a99a591d65157aad8e578981894a3e6181027b6e8ec5f335e7c60fceb5d146e60c101645940db5b1a32e714f758979856d8f644e8c6f1061962
SSDEEP

6144:q9eGb4ZBCSIEdF2wUCj5XpM5Z+m1eoR7YDpBAEttW:9e4iSIEBvFc+mJOon

Score

N/A

Malware Config

Signatures

Files

bdb0e13317883c8f6befda423ee602fba9e1bd0dcf37c77a3eb87550ebea4ae6
.exe windows x86

8729f60bad958f3d47d7753716b7da8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
LeaveCriticalSection
LockResource
FindFirstFileA
UnmapViewOfFile
OpenProcess
GetSystemTime
HeapReAlloc
HeapAlloc
HeapSize
CreateFileMappingA
CloseHandle
GetSystemTimeAsFileTime
EnterCriticalSection
MapViewOfFile
SizeofResource
ResumeThread
OpenFileMappingA
GetCurrentThreadId
GetACP
CreateEventA
FindCloseChangeNotification
GetThreadLocale
CreateThread
FormatMessageA
FindNextFileA
ReleaseMutex
CreateMutexA
CreateSemaphoreA
FindNextChangeNotification
RaiseException
DeleteFileA
TlsGetValue
GetProcessHeap
DeleteCriticalSection
LocalAlloc
FindFirstChangeNotificationA
HeapFree
ReleaseSemaphore
lstrlenA
HeapDestroy
FindClose
CreateDirectoryA
FindResourceA
LoadResource
WaitForSingleObject
TlsSetValue
WaitForMultipleObjects
WideCharToMultiByte
FindResourceExA
LocalFree
GetModuleHandleW
VirtualAlloc

ole32

CoCreateInstance
CLSIDFromString
OleRun
CLSIDFromProgID

user32

wsprintfA

oleaut32

VariantTimeToSystemTime
VarUdateFromDate
SystemTimeToVariantTime

advapi32

QueryServiceStatusEx
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
StartServiceA
OpenServiceA
CryptGenRandom
OpenServiceW
RegCloseKey
QueryServiceStatus
CryptReleaseContext
CryptAcquireContextA
CloseServiceHandle
OpenSCManagerA
ControlService

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

shlwapi

PathIsUNCA
PathIsURLA

scecli

SceOpenPolicy
SceBrowseDatabaseTable
SceSetDatabaseSetting
SceAppendSecurityProfileInfo
SceAddToObjectList
SceRollbackTransaction
SceSysPrep

colbact

GetClassInfoForCurrentUser
DllGetClassObject
PartitionAccessCheck
DllRegisterServer
DllUnregisterServer
GetDefaultPartitionForSid

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8729f60bad958f3d47d7753716b7da8a

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

rpcrt4

shlwapi

scecli

colbact

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 277KB - Virtual size: 279KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 277KB - Virtual size: 279KB

.rsrc
Size: 12KB - Virtual size: 11KB