01c1b2217d92cb3306b480f336345d4a739388d9055b249769b0e76d30118ada | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01c1b2217d92cb3306b480f336345d4a739388d9055b249769b0e76d30118ada
Size

165KB
MD5

1bd0f82f911cf3b348864a448e49d851
SHA1

92d417968d14fbdd91eb0d7103f070a92653f52d
SHA256

01c1b2217d92cb3306b480f336345d4a739388d9055b249769b0e76d30118ada
SHA512

3c1f7a48d93a9e2db3f3cf8fb8ccaceacaadabb032ff9726c9dd704c3b3026c46a658233fc8b6217c67969c51a3bb09bd906fd9f639c3ef28100ddf45b305333
SSDEEP

3072:GQhZkOLfuDg0wtOqzKONqsEykRLSDzoBy5AlBu2K2rtNtJAbVUyLNpw:UOF1tZzKqqsE6wB3gr2rFKw

Score

N/A

Malware Config

Signatures

Files

01c1b2217d92cb3306b480f336345d4a739388d9055b249769b0e76d30118ada
.exe windows x86

056d9b9e4e4d0b94131b46fe91becf14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt.dll

memset
realloc
free
??2@YAPAXI@Z
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
strlen
_stricmp

Exports

Exports

Hai
wuhen

Sections

DA[hO[yv
Size: 725B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

o2U++PA&
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)i6l@'1U
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE