ca4bb8f2577b69f32ddb560fad8365fc76b1ba0e942a45b48a9d21ca3a78ba51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca4bb8f2577b69f32ddb560fad8365fc76b1ba0e942a45b48a9d21ca3a78ba51
Size

25KB
MD5

285cf0f35b003258c501d40c8c8837e5
SHA1

65cb862c2e457e6eb34050c4889a07e05f0799c4
SHA256

ca4bb8f2577b69f32ddb560fad8365fc76b1ba0e942a45b48a9d21ca3a78ba51
SHA512

67c5d2ccde926ad8dbc3361f367c8b38d46abd1dd4db9287523f3774c358bcd0271aeefc34b64d4f5ec95a4158e7cf2e7eb21158c40ffda13a941920611110ed
SSDEEP

384:HAvPAr+ajytkRu140haYrjeKMi3r1FUdHoBD7:H7qou1/hP3/UFoBH

Score

N/A

Malware Config

Signatures

Files

ca4bb8f2577b69f32ddb560fad8365fc76b1ba0e942a45b48a9d21ca3a78ba51
.exe windows x86

bdc1f9efa4d4f5104b008207428eeb8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
DeleteFileA
Sleep
FreeLibrary
WaitForSingleObject
LoadLibraryA
CreateEventA
lstrlenA
GetTempFileNameA
GetTempPathA
CloseHandle
WriteFile
CreateFileA
WinExec
GetModuleFileNameA
lstrcatA
RtlUnwind

user32

wsprintfA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 426B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE