bd29c3878cf83852f7135c9a69e459683402eaee1c6d0e5ca7cf8159cd7278f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd29c3878cf83852f7135c9a69e459683402eaee1c6d0e5ca7cf8159cd7278f2
Size

87KB
MD5

b5c9f1bd959b8af432d7cf69fba6b759
SHA1

5e1496e0542cefdbb1e7bf0c3b71543d3ca43939
SHA256

bd29c3878cf83852f7135c9a69e459683402eaee1c6d0e5ca7cf8159cd7278f2
SHA512

59807803cc4ef6b4bdebeacf8712453104259b2e8896c009c7ad5c882725623ea82ab8fbbcf31eb7457af05947195584024941adac52174766de563afd7b4d84
SSDEEP

1536:vy2u+njSfu/wkyA+JLEMVJxkyHwqAVi6JDkaEwnayNGn/MVBX:vv5jSJA+pEMVJ7Qqii6J4aEwayNWMVBX

Score

N/A

Malware Config

Signatures

Files

bd29c3878cf83852f7135c9a69e459683402eaee1c6d0e5ca7cf8159cd7278f2
.exe windows x86

c3e6106e1e3aeb8cff14ba27e6694690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
lstrcpyA
CreateProcessA
lstrcatA
GetWindowsDirectoryA
DuplicateHandle
GetCurrentProcess
OpenProcess
VirtualFree
VirtualAlloc
ReadFile
GetFileSize
CreateFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
VirtualProtectEx
lstrcmpA
CopyFileA
DeleteFileA
SetFileAttributesA
WriteFile
lstrlenA
GetSystemDirectoryA
SetFilePointer
GetModuleFileNameA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
CreateRemoteThread
SetLastError
GetCurrentProcessId
GetPriorityClass
WriteProcessMemory
Sleep
GetModuleHandleA
GetProcAddress
WaitForSingleObject
GetComputerNameA
CloseHandle
ResumeThread

user32

FindWindowA
GetWindowThreadProcessId
wsprintfA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
GetUserNameA
RegSetValueExA

shlwapi

SHDeleteKeyA

msvcrt

atoi
free
malloc
_strnicmp
_strrev
strrchr
strncpy
strchr
_stricmp

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE