f2aaa0adf0b9f743705147eb2ee379bbc3abb28b8311fdd95178a354cc1653a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2aaa0adf0b9f743705147eb2ee379bbc3abb28b8311fdd95178a354cc1653a9
Size

44KB
MD5

04ca4b7a5397b8a9f7d158537df3e307
SHA1

a23aea64fc7f694dfc77d1c258f15e2797786555
SHA256

f2aaa0adf0b9f743705147eb2ee379bbc3abb28b8311fdd95178a354cc1653a9
SHA512

039c0cb596962f053c5cde126110ace365fb446155843d10d285bf7a3fefe7f7ada2a1ba79e8bae5f022a6e6967f220735cb652a960c78299b9fb97f67e177c7
SSDEEP

768:uzASEM0jC/tT+cv19t0YZGC+UsThCFd8HPu4ClWq6:69tycvZJR+UsTh2Qclj

Score

N/A

Malware Config

Signatures

Files

f2aaa0adf0b9f743705147eb2ee379bbc3abb28b8311fdd95178a354cc1653a9
.exe windows x86

f3db565e670c326a9be97cc6b2610f14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
ExitProcess
CreateRemoteThread
LoadLibraryA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
WaitForSingleObject
CreateThread
GetProcAddress
Sleep
WriteFile
LockResource
LoadResource
SizeofResource
CreateFileA
GetModuleHandleA
CopyFileA
DeleteFileA
GetShortPathNameA
CreateEventA
OpenEventA
GetCurrentThreadId
WinExec
GetModuleFileNameA
SetFileAttributesA
VirtualAlloc
VirtualFree
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
GetFileSize
FindResourceA
CloseHandle

user32

GetInputState
wsprintfA
VkKeyScanA
PostMessageA
GetClassNameA
GetWindowTextA
EnumThreadWindows
GetWindow
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ