d479789d0c21a41bc8475d6884a4f1fc9a4eccfb59ab87164721334f3848c733 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d479789d0c21a41bc8475d6884a4f1fc9a4eccfb59ab87164721334f3848c733
Size

285KB
MD5

b11cef49b414fec6dddc5dbf91216224
SHA1

2fa45f704068a7f825bbf7afe12446bd564f697a
SHA256

d479789d0c21a41bc8475d6884a4f1fc9a4eccfb59ab87164721334f3848c733
SHA512

005db27fbd5fef5c60472577440f985b7616fad075d9f3273c14f0c7aab45ed08c174c815925eae39d3b93fff45c28a5c6310b100fc26aaae1de470f7d45db0e
SSDEEP

6144:B82VmkSXizQP/Ew1sZQHv5MLPs8a/FG/JXhnkc:BFhMYWMwZH38d/bnkc

Score

N/A

Malware Config

Signatures

Files

d479789d0c21a41bc8475d6884a4f1fc9a4eccfb59ab87164721334f3848c733
.exe windows x86

28ebe7f5ffb012954ce59e5fea5c7ee2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrlenA
GetProcAddress
LoadLibraryA
lstrcpyA
ExitProcess
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
GetEnvironmentVariableA
Sleep

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE