a342f0b41120e29e66a40d92a7f6f729d9422d538c3448ccffe641950d97b95c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a342f0b41120e29e66a40d92a7f6f729d9422d538c3448ccffe641950d97b95c
Size

22KB
MD5

6559196e56e6cc65716ede14502eda1a
SHA1

7d4f2dc0cfa6fcbd403858bec39b96c27823b510
SHA256

a342f0b41120e29e66a40d92a7f6f729d9422d538c3448ccffe641950d97b95c
SHA512

a0728acdac2b3b9b052b0d119ecad774818f423912debd7ee28155d9aba243ad4ebea2525c534701034ea877ef7fcdd87abd52eab99b8bd63b179125f1f458b8
SSDEEP

384:u7hQQZWgeO2oJmLH85q2MF6MflRFzciayDTsJfF7qPTSb/QjGq17iE8+oeK:u7igmoaqq2MF68viyDTsdFGPTSb/IGqI

Score

N/A

Malware Config

Signatures

Files

a342f0b41120e29e66a40d92a7f6f729d9422d538c3448ccffe641950d97b95c
.exe windows x86

51d63738a5d8d12757a067e34368561a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
lstrcatA
lstrcmpiA
GetProcAddress
CopyFileA
SetFileAttributesA
VirtualAllocEx
LoadLibraryA
CreateRemoteThread
LocalAlloc
GetModuleFileNameA
GetModuleHandleA
CreateToolhelp32Snapshot
CloseHandle
LocalFree
WriteProcessMemory
ExpandEnvironmentStringsA
Process32First
Process32Next
lstrlenA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE