0e4af009b08cf5fb01a1d9a5e76e49f92030baf3cd932181e505ef36b2fd2b3f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e4af009b08cf5fb01a1d9a5e76e49f92030baf3cd932181e505ef36b2fd2b3f
Size

75KB
MD5

3cc346ee53c3278d04ccd8ce7107e14d
SHA1

9f9e543cb47c0e41c2d405ffcf510c3b3e6b85e3
SHA256

0e4af009b08cf5fb01a1d9a5e76e49f92030baf3cd932181e505ef36b2fd2b3f
SHA512

fee11f57df0e4449ccdbcdc3ee7bc2dea47f3e7d2e47a6e4339afacc5f70fd6ed0936ed2fbb3d2e58ca31f579866cceace899a8fe238478152e900eb5b3f93f0
SSDEEP

1536:e71I6PqNoF1noWHy3xCVqgCwJxu0frpcEh4G8/IXTaoV0MeheJAd8ZJY:2PoWt8twKaqYf8/ytZeQc8Z

Score

N/A

Malware Config

Signatures

Files

0e4af009b08cf5fb01a1d9a5e76e49f92030baf3cd932181e505ef36b2fd2b3f
.exe windows x86

029c9165f1e6d2f398d065e8f7f4df30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsFree
GetPrivateProfileIntA
SetCurrentDirectoryW
FormatMessageA
TlsGetValue
lstrcpynW
GetCommandLineA
GetLocaleInfoW
GetModuleHandleA
lstrlenA
GetStringTypeW
GetCurrentThread
VirtualProtectEx
GetModuleFileNameW
VirtualFree
GetFullPathNameW
CreateEventW
DeleteFileW
WriteConsoleA

wmadmoe

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 13KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.udata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ