e1d47816dddb976b523c5c58cb23448132484b0e4a6a3d23b5aaf33ac406f217 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1d47816dddb976b523c5c58cb23448132484b0e4a6a3d23b5aaf33ac406f217
Size

825KB
MD5

0ca03b9c6b6321690e34349f35f15410
SHA1

6365ef1b948bf45991dc9158e1166f39ddcda051
SHA256

e1d47816dddb976b523c5c58cb23448132484b0e4a6a3d23b5aaf33ac406f217
SHA512

7f166f27fb5a41b4bcdd2c40adcc736a277e250e3bf138c14b189f8ab09f42eda7574b4ddeb34ccb825ff7546be5f3e9eb73bd47bec5be16e69597fd0b0e4b98
SSDEEP

24576:2m93a10k3kDc7ZOBP8j0HV0tp4E3YMVxhJT/1/hd:2mtB4lfj0Hetp6sxhJTZL

Score

N/A

Malware Config

Signatures

Files

e1d47816dddb976b523c5c58cb23448132484b0e4a6a3d23b5aaf33ac406f217
.exe windows x86

0d415d250b6be45cf686b54826e12d74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualProtect
SetEnvironmentVariableA
GetVolumeInformationW
GetPrivateProfileIntA
GetTimeFormatW
CreateMutexA
GetDriveTypeA
WriteConsoleW
lstrcatA
lstrlenA
CreateEventA
OpenEventA
FoldStringA
HeapFree
GetStringTypeA
GetDiskFreeSpaceA
GetTickCount
GetShortPathNameW

msdtcprx

DTC_XaStart
DTC_XaEnd
DTC_XaPrepare
DTC_XaOpen

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ