d005fd21349cf80cc6221bb97e8efd6d36fb06cdedb7ac02ae84eb77ee381f0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d005fd21349cf80cc6221bb97e8efd6d36fb06cdedb7ac02ae84eb77ee381f0c
Size

20KB
MD5

4f9da2574d8270a1f87ce139581d150a
SHA1

4721bd7e19fbbd98e1416e68adc6d27ec10d332c
SHA256

d005fd21349cf80cc6221bb97e8efd6d36fb06cdedb7ac02ae84eb77ee381f0c
SHA512

673604a49b794a6f399ec612c954c4e214b87c7446266dcb0f45ff39c76e9995bad4b0a9b15f8f2f4b56de22616d489e793e23a451d898aed3a5a023546d419a
SSDEEP

192:0l6KJpM7UDxHixEoBOAkXP4iWpHVRHM1T32Dl6KJpM7UDxHixEo:XoiUpyBOfPyJXWT3RoiUpy

Score

N/A

Malware Config

Signatures

Files

d005fd21349cf80cc6221bb97e8efd6d36fb06cdedb7ac02ae84eb77ee381f0c
.exe windows x86

e8fd7d5680f5b55074bf0180266c4b00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
WinExec
WriteProcessMemory
OpenProcess
GetModuleHandleA
GetWindowsDirectoryA
GetModuleFileNameA
SetLastError
GetCurrentProcessId
VirtualFree
VirtualAlloc
CloseHandle
CreateRemoteThread
GetPriorityClass
ResumeThread

user32

FindWindowA
GetWindowThreadProcessId

msvcrt

fclose
fopen
exit
fprintf

urlmon

URLDownloadToFileA

Sections

Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE