b5f8d878b30954b39fd554543ed39513be51b6a25c5b3ef8b2179d129548ac89

Sharing

Copy URL Twitter E-mail

General

Target

b5f8d878b30954b39fd554543ed39513be51b6a25c5b3ef8b2179d129548ac89
Size

259KB
MD5

0f7572584f408aaaaec3a893f6c85423
SHA1

c48434219c3f80590a6a546f15c8f7ab6b90cf19
SHA256

b5f8d878b30954b39fd554543ed39513be51b6a25c5b3ef8b2179d129548ac89
SHA512

653df27bcb934e9f382ccfd2c0b9eef54fd393e2d49844603cf76966b0566746236e411392d3b11e4b4ec9da5f303346aa22574120a9475ac8c790022a3aa3b0
SSDEEP

6144:1mzzh5Hygb9WBf8O3ZadM9p/5tI0x6sg3:6z6v4uVIpsy

Score

N/A

Malware Config

Signatures

Files

b5f8d878b30954b39fd554543ed39513be51b6a25c5b3ef8b2179d129548ac89
.exe windows x86

06d4d933e9789c4927282df517bcb1a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetFullPathNameA
lstrcpynW
lstrlenW
GetFullPathNameW
FreeLibrary
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
FileTimeToSystemTime
GetCurrentThreadId
TryEnterCriticalSection
ResetEvent
CreateThread
GetDriveTypeW
CreateEventW
LeaveCriticalSection
GetLogicalDriveStringsW
EnterCriticalSection
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
TerminateThread
WaitForSingleObject
lstrlenA
GetModuleHandleW
SetLastError
DeleteCriticalSection
LocalFree
LoadLibraryExW
LocalAlloc
OpenProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcpynA
GetTimeFormatW
GetDateFormatW
CreateFileW
WriteFile
SetEndOfFile
SetFilePointer
GetSystemTimeAsFileTime
GetThreadLocale
WaitForMultipleObjects
GetACP
IsValidLocale
VirtualAllocEx

user32

DrawFrameControl
ReleaseDC
GetClientRect
PostMessageW
GetWindowDC
EnableWindow
LoadImageW
GetParent
IsWindow
GetNextDlgTabItem
CheckMenuItem
EnableMenuItem
GetSubMenu
LoadMenuW
LoadCursorW
SetCursor
ScreenToClient
LoadIconW
GetCursorPos
GetWindowRect
SendMessageW
DestroyIcon
InvalidateRect
GetSystemMetrics
SetForegroundWindow
SetRect

gdi32

SelectObject
DeleteDC
ExtTextOutW
GetBkColor
SetBkColor
LPtoDP
CreateCompatibleDC
BitBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject

advapi32

EqualSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegDeleteKeyW
RegDeleteKeyA
FreeSid
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
LookupAccountSidW
AllocateAndInitializeSid

shell32

SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
ExtractIconExW

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime

esent

JetCreateInstance

colbact

DllGetClassObject
GetDefaultPartitionForCurrentUser
GetDefaultPartitionForSid

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cfKTm
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OvpLSW
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GkbZ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lVWOA
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZaTZL
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06d4d933e9789c4927282df517bcb1a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

esent

colbact

Sections

.text Size: 16KB - Virtual size: 16KB

.cfKTm Size: 1024B - Virtual size: 1KB

.OvpLSW Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.GkbZ Size: 2KB - Virtual size: 2KB

.lVWOA Size: 2KB - Virtual size: 3KB

.data Size: 212KB - Virtual size: 407KB

.ZaTZL Size: 512B - Virtual size: 333B

.V Size: 1024B - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 16KB - Virtual size: 16KB

.cfKTm
Size: 1024B - Virtual size: 1KB

.OvpLSW
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.GkbZ
Size: 2KB - Virtual size: 2KB

.lVWOA
Size: 2KB - Virtual size: 3KB

.data
Size: 212KB - Virtual size: 407KB

.ZaTZL
Size: 512B - Virtual size: 333B

.V
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 16KB