1a481f94fd2d7c2f6f8fd70fce706294f3b4771d29ad413d3a94347a3562838f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a481f94fd2d7c2f6f8fd70fce706294f3b4771d29ad413d3a94347a3562838f
Size

879KB
MD5

929d23018792183f842383422f3b8d41
SHA1

43c0e1f5f23d9c5f149395169f383a6b85306c8d
SHA256

1a481f94fd2d7c2f6f8fd70fce706294f3b4771d29ad413d3a94347a3562838f
SHA512

102e9640cdf2768ab2aa8ab722411c754167cac2f04dd5ce4097589059b68e6a006b3dfbab009c180eb7ba1da3b7008776d4cdbf692a594ba5bc772113260077
SSDEEP

24576:9Nuw96qpABTMgFjBgEmvO6CqMqj+1ZnARXud:9Nl9tK1MotmvObzAJ0

Score

N/A

Malware Config

Signatures

Files

1a481f94fd2d7c2f6f8fd70fce706294f3b4771d29ad413d3a94347a3562838f
.exe windows x86

ac5f67a311f387558f56e69231f4d776

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenEventA
CreateEventW
SetEndOfFile
Heap32First
SetEndOfFile
SetEndOfFile
VirtualProtect
GetStdHandle
GetFileAttributesA
LoadLibraryA
GetStringTypeW
SetEndOfFile
lstrcatA
GetTickCount
SetEndOfFile
GetModuleFileNameA

wmp

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 869KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE