dbf8002c92ccc8ed8abbc75bb871bf754982601f5eb9fde6f603579728f6ecf7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbf8002c92ccc8ed8abbc75bb871bf754982601f5eb9fde6f603579728f6ecf7
Size

815KB
MD5

67a01081dbb607e57dff56a776cae458
SHA1

0847e3bb417bf8b0141a2426e3cfeb0f3f919bfd
SHA256

dbf8002c92ccc8ed8abbc75bb871bf754982601f5eb9fde6f603579728f6ecf7
SHA512

0f82512b40b5ec10d1a909d5af0429de67dbe4684b8f0b4d24dfcd9d4eecf70c5ebd463cb929d30f14522c7678ebde42d17754cc791c7bbd23ef2f7e04a67a61
SSDEEP

24576:OA7Ie/PVgj3spMEYdD9/DK++bXdDqmLPfF4+y2:OA7b0MMH5/mnD1PfF1

Score

N/A

Malware Config

Signatures

Files

dbf8002c92ccc8ed8abbc75bb871bf754982601f5eb9fde6f603579728f6ecf7
.exe windows x86

ecc8880b4a9b9acd1f76d82c1923e163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetModuleHandleA
lstrcpynA
lstrcpynA
SetCurrentDirectoryA
GetStartupInfoW
TlsGetValue
UnmapViewOfFile
lstrlenA
DeleteFileW
TlsAlloc
GetFullPathNameA
lstrcpynA
CreateEventA
FormatMessageA
GetNumberFormatA
lstrcpynA
GetModuleFileNameW
GetLocaleInfoW
TlsAlloc
VirtualAlloc
GetCurrentProcess
GetPrivateProfileIntA

wavemsp

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.edata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ