e1981edf913a6b6ec1583b123320b88020928b14688d364691d236e02cb118fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1981edf913a6b6ec1583b123320b88020928b14688d364691d236e02cb118fc
Size

44KB
MD5

3b3a5730e00bd18cbb1e3e404d124100
SHA1

44f8b24b3f57b2f378c7602f80b252f9d3666d3d
SHA256

e1981edf913a6b6ec1583b123320b88020928b14688d364691d236e02cb118fc
SHA512

097abe0c16a75ce070acaaba8acb721116cf9258281d65e76aa27f3ad5844c3e1c758885976b52e970921c64f4037c6785c385abee3d0e5e0575a73443604617
SSDEEP

768:65ve7vgFj4Q5lK02BJqz/n3trZnNoRrOhQBw3t7H:65syj5g0mJqTRVNrkw

Score

N/A

Malware Config

Signatures

Files

e1981edf913a6b6ec1583b123320b88020928b14688d364691d236e02cb118fc
.dll windows x86

cabb76ad09239e7ab9247e2fdfbf1993

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strcpy
_wcsnicmp
_strlwr
strcmp
RtlImageDirectoryEntryToData
RtlImageNtHeader
memcpy
strstr
sprintf
strncpy
memset
strcat
strlen
_strnicmp
wcsstr
_wcslwr
_chkstk

kernel32

LoadLibraryA
GetVersionExA
OutputDebugStringA
HeapFree
HeapReAlloc
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
ExitThread
VirtualProtect
GetModuleHandleA
GetCommandLineA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ