1997c2c0dc05482c78bc204929388fe3391e97f7a9f9ccb34857cc9a353efc9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1997c2c0dc05482c78bc204929388fe3391e97f7a9f9ccb34857cc9a353efc9f
Size

292KB
MD5

44b2de6b9d997336a5c4a7e12765dff1
SHA1

3a9ad0fe68ee1157a91255a7911bbe70da5a37d2
SHA256

1997c2c0dc05482c78bc204929388fe3391e97f7a9f9ccb34857cc9a353efc9f
SHA512

ccb3e49ef9053375839d7d3f52ba396ed66f06d71edadc1fb7e58d58be41a05e467797b8aac41288df3da8e5795d1893ed312f36e7350add9a14588077613891
SSDEEP

6144:XLSYrSNH95VpfAqFaAE7Wyp0JExjrOCFbDDTTQ:2Ym95nItA9y8cH7T0

Score

N/A

Malware Config

Signatures

Files

1997c2c0dc05482c78bc204929388fe3391e97f7a9f9ccb34857cc9a353efc9f
.exe windows x86

4f93f97beebd486f625ff065aa53d1fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xolehlp

ord5

kernel32

SetHandleCount
LoadLibraryA
SetEvent
WaitForSingleObject
LoadLibraryW
CreateDirectoryW
ResetEvent
VirtualFree
VirtualAlloc
GetWindowsDirectoryW
VirtualProtect
SetTapeParameters
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
GetModuleFileNameA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
GetProcAddress

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE