49fd24bb4762fc21f895a70d8127243568b17a162af20b8e2b6e6ef0c75161b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49fd24bb4762fc21f895a70d8127243568b17a162af20b8e2b6e6ef0c75161b0
Size

164KB
MD5

a1863cd5819835b0e185f9968b07c090
SHA1

093c45a88db50336f58998fb64f4d4db36459483
SHA256

49fd24bb4762fc21f895a70d8127243568b17a162af20b8e2b6e6ef0c75161b0
SHA512

882eb63090d7ef880fe25b7a539966a75aeb5a080ad7e53232e944b89555c686c74f7d3342df116015d69f8bc0bb3e525608d563fcf9a5d700437100206d6dfb
SSDEEP

3072:IDLU19G5SPbMJDdes6oEr4k2WAknwN/uKHqT0WMdWT:Iy5Pb8Is9EolHuLpT

Score

N/A

Malware Config

Signatures

Files

49fd24bb4762fc21f895a70d8127243568b17a162af20b8e2b6e6ef0c75161b0
.exe windows x86

15bbda0ab21bae421e401ff3e597ed42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
LoadLibraryA
GetCurrentProcess
LCMapStringA
CloseHandle
ExitProcess

user32

wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow
SetWindowLongA

advapi32

RegQueryValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumValueA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegEnumKeyA
RegDeleteValueA

Sections

.text
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ