f737bb56c498a25c5cff5c8673638f9b92246b68b182e4105f22cfb5bb9eb657 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f737bb56c498a25c5cff5c8673638f9b92246b68b182e4105f22cfb5bb9eb657
Size

354KB
MD5

006653f79f90418d04dcd01ef3fbdc01
SHA1

fa9809710a9214a10f65e9d3935128e8694963d2
SHA256

f737bb56c498a25c5cff5c8673638f9b92246b68b182e4105f22cfb5bb9eb657
SHA512

cc3d535c0d841310a263953ff8858f54e568f603680c4d343ddc9b4a94d16b68036c5429e3a0c47fcacf652343cfad7cdb6548d31d90afc1f7a8c603b7c8f2dd
SSDEEP

6144:xOFStZzKqqsE6p6CRnXf9ae90wlo5lT2iDt1fVRB19eMbx5gscNXyGIl+uU:FtZ+x/CRnP9ae90KYTh1fh1EMF5gfNXH

Score

N/A

Malware Config

Signatures

Files

f737bb56c498a25c5cff5c8673638f9b92246b68b182e4105f22cfb5bb9eb657
.exe windows x86

96136114f39573f44bf8fa9942074445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt

memset
realloc
free
??2@YAPAXI@Z
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
strlen
_stricmp

Exports

Exports

Hai
wuhen

Sections

PAGE
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ