029cfc5c9156c2742869273d4d9f91383f7f61423312e34347d09f1fdd10c770 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029cfc5c9156c2742869273d4d9f91383f7f61423312e34347d09f1fdd10c770
Size

884KB
MD5

62e00f73b6b4513777f9161e8797fd70
SHA1

ee84729d5182f44506f8b4a5f63e160577d05006
SHA256

029cfc5c9156c2742869273d4d9f91383f7f61423312e34347d09f1fdd10c770
SHA512

28cf4b6c9d58cd8b3af53c69a385d44ad4dce3f7bb9d44f5a7fab31efd41587bee95d3971c3884533aa9a46477c66d6d15e3dbf695783954e307b15da48bfdad
SSDEEP

24576:Yx+g9AoWd4qNoVr12lS/WWepJjeDiNaLYGZ:Yx39wSvp/WWG6DigkGZ

Score

N/A

Malware Config

Signatures

Files

029cfc5c9156c2742869273d4d9f91383f7f61423312e34347d09f1fdd10c770
.exe windows x86

fa68e1b8d1e559ba960fae3e722436e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetGeoInfoW
CreateEventW
GetFileAttributesW
VirtualProtectEx
ResetEvent
GetModuleFileNameA
Heap32Next
lstrcatA
GetTickCount
GetGeoInfoW
OpenEventW
GetModuleHandleA
GetGeoInfoW
GetCalendarInfoA
GetModuleHandleW
GetGeoInfoW

wmvcore

WMCreateReader
WMIsContentProtected
WMCreateWriter
WMCreateEditor

Sections

.text
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.DATA
Size: 869KB - Virtual size: 2.2MB

IMAGE_SCN_MEM_READ