9a19211e8174bfccd69bb91625300e5bdeb88e7f15015a4171f7fb751edac033 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a19211e8174bfccd69bb91625300e5bdeb88e7f15015a4171f7fb751edac033
Size

121KB
MD5

09f754ba12eb30b372832075bed2c386
SHA1

424ef35a722fb238122ac5e4a091cc5fc6a9fcbe
SHA256

9a19211e8174bfccd69bb91625300e5bdeb88e7f15015a4171f7fb751edac033
SHA512

30d55c125044fdc174ee893ab24310dc1107371a229e6a0e4f389618b9d775629629b0c487c14b05a470667a237074485ba9cd7b251538058b7bffbd59588496
SSDEEP

1536:zfqDWcxKhgpyoTi2umxDno17Ov5elOQvnwLDvbV2QwZJutucW7wEyOLSSSSSSSSe:uCcxLqMoxOOnw7SJiu37dZC7zpYv3y9

Score

N/A

Malware Config

Signatures

Files

9a19211e8174bfccd69bb91625300e5bdeb88e7f15015a4171f7fb751edac033
.exe windows x86

2d737f59cf4bb46068e477faf6dd0e75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CloseHandle
CreateRemoteThread
LoadLibraryA
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetSystemDirectoryA
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA

user32

FindWindowA
GetWindowThreadProcessId

shell32

SHGetFolderPathA

msvcrt

??3@YAXPAX@Z
strcat
strlen
??2@YAPAXI@Z
strcpy

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ