e4945350d08007540a77e3260842f430fd6165d654e2038fff601fd547ce0a81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4945350d08007540a77e3260842f430fd6165d654e2038fff601fd547ce0a81
Size

37KB
MD5

6b4adc959a29821e439216c7f0e12280
SHA1

d0d5f3440c963b4062f77ba7a24cad72a02bf257
SHA256

e4945350d08007540a77e3260842f430fd6165d654e2038fff601fd547ce0a81
SHA512

c948144e5e1c95c8c271c6c9b1be844c0dad34619fd37dca4e621264b0bceb14be3e32330ede652af5e60d43fb4b5ef0beaca123d6d583d0eefd1a7f2f950898
SSDEEP

768:fPjnAptGZZun3SoTUeA3sqIZ3DhKIRTZ45:HjnIEKCotSsq2lKIRTm5

Score

N/A

Malware Config

Signatures

Files

e4945350d08007540a77e3260842f430fd6165d654e2038fff601fd547ce0a81
.exe windows x86

beb2e629899ff7d0a014c52d75a5565c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
AbortSystemShutdownA
InitiateSystemShutdownA

kernel32

LocalAlloc
GetLastError
GetCurrentProcess
GetCommandLineA
GetVersion
ExitProcess
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
LCMapStringA
LCMapStringW
CreateFileA
CloseHandle
HeapFree
HeapAlloc
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetFilePointer
SetStdHandle

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE