5898af48c79625ef7f8fdfa141c4e2fb9f407a12ac6cb662215b8175663031e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5898af48c79625ef7f8fdfa141c4e2fb9f407a12ac6cb662215b8175663031e0
Size

32KB
MD5

72aa5df1c079712ef592c4d3d34c3f40
SHA1

914162e538ae2e75f29eaf7d3b0543651e6526b6
SHA256

5898af48c79625ef7f8fdfa141c4e2fb9f407a12ac6cb662215b8175663031e0
SHA512

1668c848e0adfae037032e41f1f2a63c03d0897278a1a1c00e614c5473988d0f27fdd297690085decad39d2a17ab7d49dc15e65befd63325284da76e783f4185
SSDEEP

768:pIL0xYiRJqjyoSQhzcmfZwfGd97E/60o4D4V:pILIYiSj4QlTd2/to3V

Score

N/A

Malware Config

Signatures

Files

5898af48c79625ef7f8fdfa141c4e2fb9f407a12ac6cb662215b8175663031e0
.exe windows x86

699d50737009220ddcd00eba54007115

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualProtectEx
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
lstrcpyA
CreateProcessA
GetWindowsDirectoryA
DuplicateHandle
GetCurrentProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetComputerNameA
WriteFile
GetSystemDirectoryA
GetFileSize
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
SetFileAttributesA
ExitProcess
GetStartupInfoA
GetCommandLineA
SetFileTime
GetFileTime
CloseHandle
WaitForSingleObject
CreateRemoteThread
GetProcAddress
CreateMutexA
GetSystemTime
GetModuleHandleA
SetSystemTime
GetVersionExA
ReleaseMutex

user32

FindWindowA
wsprintfA
GetWindowThreadProcessId

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA

msvcrt

strlen
atoi
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_EH_prolog
memset
strcat
_strnicmp
memcpy
free
malloc
strcmp
strncpy

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE