b0b0662e132074d26774bda14c77bef86563e0287c2f5778e293bc7eda93287f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0b0662e132074d26774bda14c77bef86563e0287c2f5778e293bc7eda93287f
Size

180KB
MD5

5b29d9b0e18c8dc9eafd9c09b35e61b0
SHA1

19312c7468880856e77525a69adf4d81784b9454
SHA256

b0b0662e132074d26774bda14c77bef86563e0287c2f5778e293bc7eda93287f
SHA512

31d1bb8a018619afa423d981a1affc00fe078bb577295249088b51d52c5aa2f109c817107c9c0ad4c56d6f1d1e31368b885a2fe5567d00611abfaab9f4019fe7
SSDEEP

3072:NwBm1wRSDqAWgDsnBo1vcsspLWxwjoLFMQL+doY//7yCdJh4pF9S53YKp:qwKSDqcIBHlpSxHJx+doc/7ySarS3X

Score

N/A

Malware Config

Signatures

Files

b0b0662e132074d26774bda14c77bef86563e0287c2f5778e293bc7eda93287f
.exe windows x86

c6092057ce2d2d785eb85d14ceaa4178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetAtomNameA
GlobalUnlock
GetCurrentDirectoryW
CloseHandle
DeleteCriticalSection
GetModuleHandleW
LoadLibraryW
WritePrivateProfileStringW
FindResourceW
MulDiv
lstrlenW
LoadResource
FindFirstFileW
GlobalSize
GetModuleFileNameW
InitializeCriticalSection
FindFirstChangeNotificationW
FindCloseChangeNotification
EnumResourceTypesA
Sleep
LockResource
FindNextChangeNotification
GlobalLock
LoadLibraryA
FindClose
GetPrivateProfileIntW
GetPrivateProfileStringW
GetVersionExA
IsValidCodePage
GetProcAddress
WaitForSingleObject
GetTickCount
GetVersionExW
GlobalAlloc
FreeLibrary
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
SHFileOperationW
ShellExecuteExW
SHGetFolderPathW
SHGetPathFromIDListA
ShellExecuteExA
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ