41f3a1566193b8493cebd3518a6a4db18d7f5197a544988e2dd348cac4d7459d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41f3a1566193b8493cebd3518a6a4db18d7f5197a544988e2dd348cac4d7459d
Size

244KB
MD5

6554dd37562bcffbe2cce9db9fe6bc03
SHA1

a5dd3ad4e131c35b288a952424d9a5cef2583205
SHA256

41f3a1566193b8493cebd3518a6a4db18d7f5197a544988e2dd348cac4d7459d
SHA512

9cc815d1fcb2b4dae30c6a764be8b55818922a44b1345217b11468d0acb34b77c91f2a8e001ca455514742e0513f5624671fd0daf252fa27d96d94ab88c1e559
SSDEEP

6144:O9pEje34u8rFdDGV0A+3ovIHd2wf1KvlKAEj5ECiD1O:2pEj+2DA0A+4v6d2w9SulmI

Score

N/A

Malware Config

Signatures

Files

41f3a1566193b8493cebd3518a6a4db18d7f5197a544988e2dd348cac4d7459d
.exe windows x86

9acb5e16b3b6fd318f33f456891cf86d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
ExitProcess
CreateFileA
LCMapStringA
LoadLibraryA
CloseHandle

user32

CreateWindowExA
CloseWindow
CharLowerBuffA
SetWindowLongA
wsprintfA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegDeleteValueA
RegSetValueA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyA

Sections

.text
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE