baadde20960571f50e232edbddbbffe80c846e4c9628b776f3ed590be80d7677 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

baadde20960571f50e232edbddbbffe80c846e4c9628b776f3ed590be80d7677
Size

823KB
MD5

80349a76021a486b86d0cc7afe4902f0
SHA1

2efe49c2a6b93e078fbb080d5bed4eaed48e1d3f
SHA256

baadde20960571f50e232edbddbbffe80c846e4c9628b776f3ed590be80d7677
SHA512

7f63cb1d511d3d2711eff0fbda8e30fcfa7aeec4821b5c61c0356047b7c571c47af97641c667a89e39d6c4577de1b92b5b70ff17b57d42fffd89734271683e05
SSDEEP

24576:6yDAk9/IZmrC8RP9bQiHHgCuxKHkbgQB:xAk9/Gmrlnk7vbg4

Score

N/A

Malware Config

Signatures

Files

baadde20960571f50e232edbddbbffe80c846e4c9628b776f3ed590be80d7677
.exe windows x86

83a7a0e705696aceab74c6c21a02dcf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetLocaleInfoA
GetModuleHandleA
CreateMailslotA
DeleteFileA
GetLocaleInfoA
GetLocaleInfoA
OpenMutexA
GetLocaleInfoA
GetLocaleInfoA
GetLocaleInfoA
CreateDirectoryW
GetLongPathNameW
GetLocaleInfoA
GetLocaleInfoA
GetLocaleInfoA
CompareStringA

mswsock

rexec
sethostname
s_perror
rcmd

Sections

.code
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ldata
Size: 804KB - Virtual size: 2.2MB

IMAGE_SCN_MEM_READ