98faca53635ef501912ad4cadfe2671f943a42158a2e14268f957bbc54cbdbaf

General

Target

98faca53635ef501912ad4cadfe2671f943a42158a2e14268f957bbc54cbdbaf
Size

47KB
MD5

9361be67291f6072db89b65cd1a6f7c3
SHA1

45655b84de07774c32978b2c9cc2397b2fbd71fb
SHA256

98faca53635ef501912ad4cadfe2671f943a42158a2e14268f957bbc54cbdbaf
SHA512

87995e350850080f87ee0b7f6170b83da1193c3728897b4c0c32ab9aee32f8998257cfb683f13a85903e2594e61cb9a23d3dbdd41a128a73e9b9ecbc27526265
SSDEEP

768:8a5PaOyMbqbMjGKlUUGm3wVok8gqpO6iVIjzy8POP21lwU40elO0y:8aPa5M9jbdPkKhjqIvWuPwU1F0y

Score

N/A

Malware Config

Signatures

Files

98faca53635ef501912ad4cadfe2671f943a42158a2e14268f957bbc54cbdbaf
.exe windows x86

6b8f0411eb8a73c357d2c54c512d6e1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

ADsGetObject

kernel32

SystemTimeToTzSpecificLocalTime
FormatMessageW
UnhandledExceptionFilter
HeapFree
GetTimeFormatW
Sleep
GetWindowsDirectoryW
WaitForMultipleObjectsEx
GlobalSize
GetCurrentProcess
LoadLibraryA
GetSystemTimeAsFileTime
HeapAlloc
SetUnhandledExceptionFilter
SetLastError
GlobalFree
InitializeCriticalSection
SystemTimeToFileTime
GetCurrentProcessId
lstrcmpW
SizeofResource
lstrcpyW
FreeLibrary
GetSystemWindowsDirectoryW
LocalFree
DnsHostnameToComputerNameW
InterlockedIncrement
GetComputerNameW
GetProcAddress
GetCurrentThreadId
VirtualFree
GetDateFormatW
LoadLibraryExW
CompareFileTime
QueryPerformanceCounter
lstrlenW
InterlockedExchange
EnterCriticalSection
GetTickCount
LeaveCriticalSection
GetCommandLineW
GetSystemDirectoryW
FlushInstructionCache
GetLastError
DeleteCriticalSection
GetModuleHandleW
lstrcmpiW
InterlockedDecrement
LoadResource
TerminateProcess
lstrcpynW
LoadLibraryW
GetModuleFileNameW
LocalAlloc
LockResource
GetProcessHeap
GlobalUnlock
GlobalLock
lstrlenA
GlobalAlloc
IsBadWritePtr
VirtualAlloc
CompareStringW
MultiByteToWideChar
FindResourceW

mscat32

CryptCATOpen

Sections

.text
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b8f0411eb8a73c357d2c54c512d6e1e

Headers

File Characteristics

Imports

activeds

kernel32

mscat32

Sections

.text Size: 512B - Virtual size: 412B

.rsrc Size: 12KB - Virtual size: 11KB

.data Size: - Virtual size: 1.3MB

.idata Size: 19KB - Virtual size: 18KB

.rdata Size: 15KB - Virtual size: 14KB

.text
Size: 512B - Virtual size: 412B

.rsrc
Size: 12KB - Virtual size: 11KB

.data
Size: - Virtual size: 1.3MB

.idata
Size: 19KB - Virtual size: 18KB

.rdata
Size: 15KB - Virtual size: 14KB