ef00924d4689266969afef3b8725a9ced9af8b6e4b9ac527ee713710607bb2ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef00924d4689266969afef3b8725a9ced9af8b6e4b9ac527ee713710607bb2ed
Size

188KB
MD5

5a266324c828f9c29eb18c426185e086
SHA1

67cbbd4cfbd953b45ce79db48b5d8b4c60203ec5
SHA256

ef00924d4689266969afef3b8725a9ced9af8b6e4b9ac527ee713710607bb2ed
SHA512

727563594c7f9028309a77db102988b5bebc4faf9caf7706248b38cac9fab8b309782b3e03ce75ce90471d0913391fdab9da8a8c015692a5cb9131e74ac4cdc5
SSDEEP

3072:yoeBBoa2PqPxj2gUz5i2DIyklhWrswzvNB4P5iRGr251O4Nr76t:LeBBoXqJahfDIyvhzj+5iRI4Be

Score

N/A

Malware Config

Signatures

Files

ef00924d4689266969afef3b8725a9ced9af8b6e4b9ac527ee713710607bb2ed
.exe windows x86

a1c3edc7dbbb2b36b132d77a2ba3d8ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetTempPathA
GetTempFileNameA
CreateProcessA
lstrlenW
FormatMessageA
GetSystemDirectoryW
LoadLibraryExW
LoadLibraryW
SetLastError
WriteFile
CloseHandle
GetUserDefaultLangID
HeapFree
RaiseException
LoadLibraryA
GetLastError
VirtualProtect
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetProcAddress
GetModuleHandleW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
FreeLibrary

ole32

CoCopyProxy
CoInitializeEx
CreateILockBytesOnHGlobal
CoInitializeSecurity
CoCreateInstance

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ