s[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

s.exe
Size

261KB
MD5

b536287b4579805e670c79ba866c7d46
SHA1

31266436fe5ce008a27d96e729470a75dde1c440
SHA256

1479da55bc8333e46c9923be0e8a57f6597fe4482e263f37581fadb8492eb7c7
SHA512

f4ef6338a30b4b7a4b1b812cc5763c8528cba357d5969a0d07b49df6b3d92644144fdd7ec38ef23a35e84f6c3e0eecf2b5e43b08dc6a5eaaeb7c8390f27ee508
SSDEEP

3072:Kg1kTyCXoEl/+RCrPitssxkgaBChHyGhJe:Kg1+74vkratJiga3

Score

N/A

Malware Config

Signatures

Files

s.exe
.exe windows x86

87794c42e518ced2db325411b6fd224f

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetComputerNameW
SetEvent
GetConsoleAliasesLengthA
GetConsoleTitleA
InitializeCriticalSection
SetCommConfig
Sleep
GetCalendarInfoA
IsBadCodePtr
DnsHostnameToComputerNameW
GetAtomNameW
GetMailslotInfo
SetConsoleTitleA
GetStringTypeExA
InterlockedExchange
GetProcAddress
SetStdHandle
SetFileAttributesA
LoadLibraryA
UnhandledExceptionFilter
LocalAlloc
FoldStringA
GetModuleFileNameA
GetDefaultCommConfigA
UpdateResourceW
GetFileTime
GetVersionExA
LCMapStringW
DeleteFileA
SwitchToThread
VirtualAlloc
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
GetStringTypeW
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
CloseHandle
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

gdi32

GetCharWidthFloatW

winhttp

WinHttpCheckPlatform

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 40.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87794c42e518ced2db325411b6fd224f

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

winhttp

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 116KB - Virtual size: 40.0MB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 116KB - Virtual size: 40.0MB

.rsrc
Size: 63KB - Virtual size: 62KB