48ba506f499f4f730422753496008812bba826864afcd2b9137eb3e6b3581c29 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48ba506f499f4f730422753496008812bba826864afcd2b9137eb3e6b3581c29
Size

87KB
MD5

0f72113db74faaefe7657f68ca9b5c71
SHA1

14a4a6542a245f5a5e5edaf8834b63ca598517db
SHA256

48ba506f499f4f730422753496008812bba826864afcd2b9137eb3e6b3581c29
SHA512

7d37d54b354011bef1231d45bade0284e84c704a18ec626ed436948bd2ddbcb6c1c0fc75596536424c8c6a5439fcc43f9c5257868727f82ab248a809e08bee5d
SSDEEP

1536:aphe5WjBcVHMEv10wCk18B0upPVaxnSiI9HxMvGEOK2Ax4D0:aOw5EvnJ87JE9pIx25OKX4Y

Score

N/A

Malware Config

Signatures

Files

48ba506f499f4f730422753496008812bba826864afcd2b9137eb3e6b3581c29
.exe windows x86

b8ef2b4862c431094cd39d31f64d9bb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetSystemInfo
GetTickCount
VirtualProtect
SetFileAttributesW
GetThreadLocale
CompareFileTime
GetCommandLineA
InterlockedCompareExchange
GetEnvironmentStringsW
GetTempPathA
WaitForSingleObject
GetCurrentProcessId
DeleteFileA
InterlockedDecrement
GetExitCodeProcess
LCMapStringA
GetConsoleOutputCP
GlobalLock
ExpandEnvironmentStringsA
RemoveDirectoryA
SetFileAttributesA
LoadLibraryW
GetModuleHandleA
GetFullPathNameA
GetSystemDirectoryW
GetVersion
MultiByteToWideChar
GetStdHandle
VirtualQuery
MoveFileA
LoadResource

msvcrt

_except_handler3
_exit
_initterm
__p___initenv
_controlfp
_adjust_fdiv
__p__commode
__p__fmode
_XcptFilter
__set_app_type
__getmainargs

Sections

.text
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ