f31416b7693692199ff8ec086a3714611e3eb0b6e8b2eee7a8ca166291d93591 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f31416b7693692199ff8ec086a3714611e3eb0b6e8b2eee7a8ca166291d93591
Size

119KB
MD5

0debbc6eb76adc34588929bf1ec1e3ae
SHA1

1bd3b811b0ed9164c35dfdf2c4c4c23429dc46fc
SHA256

f31416b7693692199ff8ec086a3714611e3eb0b6e8b2eee7a8ca166291d93591
SHA512

481263971d8661007cfbd7f8b3c57725f9a6d391707962261323f55d774a4e50762e5e9cfebe55f679ce41e984fb6ba5c0a6e5b90156d5ea1b8297301f745347
SSDEEP

3072:8/c/eVcmDJTzQ37lnmA5LFUzOYwdm5jot37:8i6ANmIZUPcm5or

Score

N/A

Malware Config

Signatures

Files

f31416b7693692199ff8ec086a3714611e3eb0b6e8b2eee7a8ca166291d93591
.exe windows x86

a518057f6038fcd033ea141a6fdadd19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
DeleteFileA
GetProcessHeap
VirtualAlloc
CreateFileMappingW
Sleep
GetCurrentDirectoryW
CreatePipe
GetModuleHandleA
GetACP
DeleteFileA
SetEnvironmentVariableA
CreateEventW
FatalExit
GetStringTypeW
InitializeCriticalSection
WriteConsoleA
InterlockedExchange
SetVolumeLabelA
DeviceIoControl
DeleteFileA
GetShortPathNameA
CreateSemaphoreW

mshtml

PrintHTML
DllCanUnloadNow
ShowModalDialog
DllGetClassObject

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ