6b1308943175a6944bf855eaf2c93d28954a737ea4a4d9dc29b210f17d255c0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b1308943175a6944bf855eaf2c93d28954a737ea4a4d9dc29b210f17d255c0d
Size

108KB
MD5

05d94d2fd2dd64d511f235248d6aad53
SHA1

97621d1e3ca43e44ac3a411b31156cbb21608933
SHA256

6b1308943175a6944bf855eaf2c93d28954a737ea4a4d9dc29b210f17d255c0d
SHA512

f8bda2f2a5d01f91ee6a255b7307fcbbcd72920602429f88003cd56b01c3be290b129a5ff41a86e7600bc173c569e3f0c4d4a31441e05808f62411f036f23cc0
SSDEEP

1536:rhq0pLsOGCjipq81s45X8KG7mjUbZqxu6WALMhrk:dVZGCQ1PCFyRce

Score

N/A

Malware Config

Signatures

Files

6b1308943175a6944bf855eaf2c93d28954a737ea4a4d9dc29b210f17d255c0d
.exe windows x86

d5c04091a4546d9b3f54dbed5ac5b4c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
GetStartupInfoA
GetModuleFileNameA
GetCommandLineA
FreeLibrary
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteProcessMemory
WriteFile
WaitForSingleObject
VirtualFree
VirtualAlloc
Sleep
SizeofResource
SetLastError
ResumeThread
OpenProcess
LockResource
LoadResource
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetCurrentDirectoryA
FindResourceA
FindFirstFileA
FindClose
CreateRemoteThread
CreateProcessA
CreateFileA
CopyFileA
CloseHandle

user32

GetKeyboardType
MessageBoxA
CharNextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
StartServiceA
SetServiceStatus
OpenSCManagerA
CreateServiceA
CloseServiceHandle

Sections

Size: 104KB - Virtual size: 104KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE