42aa0394ee0e5f8fb81ad240135bea04568d9536d17172e82da82a088b16eb9a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42aa0394ee0e5f8fb81ad240135bea04568d9536d17172e82da82a088b16eb9a
Size

311KB
MD5

345f10a792f87381d131b3d53856f540
SHA1

57b56d5092179c2a43097e3b2e40798ecf2e7e15
SHA256

42aa0394ee0e5f8fb81ad240135bea04568d9536d17172e82da82a088b16eb9a
SHA512

5e868e71f17907dc79c1d6b866e388f21d8aac489308b4925cec085ea5e182ca2e053ecf861f871080ee19e00cc1b26ee886594c602c8585845ba351df04f8a5
SSDEEP

6144:UDnHV5cNcRukB/CoJjGYBr+nkI6v+ByzI/jhBEnwnWIjE0iVPx:AENcRukBqoJX+T6v8ysLHmwnWB0iVPx

Score

N/A

Malware Config

Signatures

Files

42aa0394ee0e5f8fb81ad240135bea04568d9536d17172e82da82a088b16eb9a
.exe windows x86

4481bc3b4615261f6030a3ff0c162aae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
PathFileExistsW
wvnsprintfA
PathRemoveFileSpecW
wnsprintfA
StrCmpNIW
SHDeleteKeyA
StrCmpNIA
PathMatchSpecW
wvnsprintfW
StrStrW
wnsprintfW
PathFindFileNameW

advapi32

CryptReleaseContext
CryptCreateHash
RegQueryValueExA
RegCloseKey
RegDeleteValueA
CryptGetHashParam
DuplicateTokenEx

Sections

.lkdcz
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkx
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahizqt
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ