70ff397ddfbe575750588f9e4c7961d313a74b66b6aee3b8b578a288b47db33a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70ff397ddfbe575750588f9e4c7961d313a74b66b6aee3b8b578a288b47db33a
Size

832KB
MD5

114a20949a32b515bcae263e81e82280
SHA1

907e289ebedd57e57d5a41f03b5959c078703406
SHA256

70ff397ddfbe575750588f9e4c7961d313a74b66b6aee3b8b578a288b47db33a
SHA512

35e022a3149f67296143c3027c57809cdf627183392cc22718c2b557aa788c0e5c005ee1172378862c1b9efd8f8689e3ee6965cf24e55d08d6b8861094095fd0
SSDEEP

24576:PEiGT5By0/5PqPtP3UqNNBfdNN47sFO7UGj9lXlX/:nGT5By0/5PWtPU4y717Uw9lX

Score

N/A

Malware Config

Signatures

Files

70ff397ddfbe575750588f9e4c7961d313a74b66b6aee3b8b578a288b47db33a
.exe windows x86

8b03a093ecb6ce964fc5626c969c5534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
lstrcatW
GetDriveTypeW
GetStringTypeA
HeapFree
GetTickCount
SetStdHandle
GetPrivateProfileIntA
GetDiskFreeSpaceA
GetTimeFormatW
SetEnvironmentVariableA
lstrlenA
GetVolumeInformationW
OpenEventW
GetShortPathNameW
GetModuleHandleA
WriteConsoleW
CreateEventA
CreateMutexA

msftedit

RichComboBoxWndProc
REExtendedRegisterClass
RichEditWndProc
RichListBoxWndProc

Sections

.CODE
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 803KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE