document[.]exe

General

Target

document.exe
Size

272KB
MD5

ac0883e7f47fa1d3ac23776834291819
SHA1

ec00b3eb651166984d0cb8420a7d7439b643ac31
SHA256

bdbce459a1543d1623f541663e453b2282d150914c7dff17c0c1abc7e90dc75d
SHA512

04a1694a1bd4d849a7b5a69b85e2904a213593154ea8fc084318937172be3e3ebe48c166574fb4f995cb5b0a383efa05fa4b93dd2c33f92790c2659a747703d9
SSDEEP

6144:KwMreeHPyHclvUuAUdD2N+zFvxHXnRRnAhFSdHTLi9M6l7hj:peVOXNoht/nCsdHTuM6

Score

N/A

Malware Config

Signatures

Files

document.exe
.exe windows x86

70f23ec99d6ed3670b909373a2e49f91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
MoveFileA
GlobalWire
RtlUnwind
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
HeapFree
HeapAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapSize
LoadLibraryW
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70f23ec99d6ed3670b909373a2e49f91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 6KB - Virtual size: 9KB

.reloc Size: 183KB - Virtual size: 183KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 6KB - Virtual size: 9KB

.reloc
Size: 183KB - Virtual size: 183KB