981fe8ab60b803d11c42fb9a341286fcd3f2ab1d45911ff0ff129ce4dd10d223 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

981fe8ab60b803d11c42fb9a341286fcd3f2ab1d45911ff0ff129ce4dd10d223
Size

197KB
MD5

0bbcf1d55eb660da93e4e6d8ec5a3d47
SHA1

c70e830db62a3f536e4d3b9e2250355a5645d46c
SHA256

981fe8ab60b803d11c42fb9a341286fcd3f2ab1d45911ff0ff129ce4dd10d223
SHA512

bb16d05ed3751f91fa6cf120babd93f34eec660c1dba8a6726cca2266f59ed4a32e7f1600c0b831a074f2060b4be55d0f1224e8b645143a61d849eb3d5445e5c
SSDEEP

3072:MmzWOlPA2PWjCWFoFFHEgCCk9rVhFfgldhU/KOGih5cTmSkC2w4:PWCWFoFpy9LW3hUTGc5cT

Score

N/A

Malware Config

Signatures

Files

981fe8ab60b803d11c42fb9a341286fcd3f2ab1d45911ff0ff129ce4dd10d223
.exe windows x86

4fec63f7fcab4ee7bcd9fd84d37fccb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetVersionExW
TerminateProcess
CreatePipe
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableW
WinExec
SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
GetModuleFileNameA
OpenMutexA
CreateMutexW
ReleaseMutex
RemoveDirectoryW
MoveFileW
CreateEventW
GetTempFileNameA
GetVersion
LocalAlloc
LocalFree
HeapValidate
HeapReAlloc
HeapAlloc
HeapCreate
HeapFree
GetFileAttributesW
SetFileAttributesA
GetCommandLineA
GetModuleHandleA
GetCurrentThreadId
GetProfileStringW
GetStartupInfoA

msvcr71

fclose
fwrite
fputs
fseek
fopen
exit
realloc
free
malloc
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
atoi

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ