849c06c7dd09ad8b1bfe5b5d4cdf4aa8aa0cee5d880a7a879dbc77fd6eccabfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

849c06c7dd09ad8b1bfe5b5d4cdf4aa8aa0cee5d880a7a879dbc77fd6eccabfc
Size

3KB
MD5

0567f4554c6ba413892f79f5b4670450
SHA1

7eb913f91b4cad1cb4f7b9f52003cc13e3c6675c
SHA256

849c06c7dd09ad8b1bfe5b5d4cdf4aa8aa0cee5d880a7a879dbc77fd6eccabfc
SHA512

0125e8070c70e8e6882a28d45607ace668322d1db1e8dc93696258516c7b45ee020c24da15a3b59ba868de2d832d452677a8998f2007d506d02c300fe7dc1796

Score

N/A

Malware Config

Signatures

Files

849c06c7dd09ad8b1bfe5b5d4cdf4aa8aa0cee5d880a7a879dbc77fd6eccabfc
.dll windows x86

dfe95b81ec9f210feddfc5253e21ce4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
DisableThreadLibraryCalls
ExpandEnvironmentStringsA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
MoveFileA
MoveFileExA
WinExec
lstrcmpiA

Exports

Exports

DriverProc
auxMessage
midMessage
modMessage
mxdMessage
widMessage
wodMessage

Sections

.text
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ