75e275c37537ddb56d59e37443ae6b900fc19c009bd894bb81d857d8251f94dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75e275c37537ddb56d59e37443ae6b900fc19c009bd894bb81d857d8251f94dd
Size

9KB
MD5

10358a72dfeff88ff5f4636fef02a023
SHA1

d8fda9d090444ad63c48d7938ddcf0f31c746917
SHA256

75e275c37537ddb56d59e37443ae6b900fc19c009bd894bb81d857d8251f94dd
SHA512

d446017a2149be89fb6d2b500447dd789f19055528d276e1f1defbd384691c278b3964d575ccb3862b45877af0bfd1652a1580fa977d16a61e6910dd546d9506
SSDEEP

192:Expg0ocf+fnDfdczdVRk3ddRcda/jdE4a1WJeVRz:ExpVoM+fzd1PWdaW4wWoRz

Score

N/A

Malware Config

Signatures

Files

75e275c37537ddb56d59e37443ae6b900fc19c009bd894bb81d857d8251f94dd
.exe windows x86

a634ab18f68c542cda9edc8bdab675a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

stealth.shared

CheckAPIHook
SendMail
WaitForCotnection
FileExists
RegVerifyVal
RegCreateVal
APIHook

kernel32

ProcKey32Firvt
ExitProcKey
OpetProcKey
lstrcpyA
lstrcmpiA
lstrlenA
WriteFile
CloseHandle
CopyFileA
CreateFileW
CreateToolhelp32Snapshot
Sleep
lstrcatA
ProcKey32Next
SetFilePointer

ws2_ee

WSAStartup

user32

GetWindowTextA

Sections

code
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE