13eb0cf8b100f6232c873a25d1ce30bde859e3dae236d87864ff80065d17a015 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13eb0cf8b100f6232c873a25d1ce30bde859e3dae236d87864ff80065d17a015
Size

77KB
MD5

0f54d2a4a551f03492df5fb40339a5a6
SHA1

65ecb9dacaf87c7794923d425b1dfc4a97a2e9d3
SHA256

13eb0cf8b100f6232c873a25d1ce30bde859e3dae236d87864ff80065d17a015
SHA512

3edef5bac747107a44a4d565618acfb3634047bdce2b63bb2d95960fc81e0d65baca3633a867669b837215d5fcad00593a72723631c91fba88e434bf139b640a
SSDEEP

1536:bPs/VCyX4jjSr3n60UkgknxdAduJIyq4Ot3WlsgJ3BE3:bPqbmoRxYXyq7Is4E3

Score

N/A

Malware Config

Signatures

Files

13eb0cf8b100f6232c873a25d1ce30bde859e3dae236d87864ff80065d17a015
.exe windows x86

856acb025bfea690126ba4245970ab66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetTempPathA
FileTimeToLocalFileTime
IsBadWritePtr
GetFileAttributesA
GetVersionExW
GetExitCodeProcess
SystemTimeToFileTime
GetModuleHandleA
IsBadCodePtr
LoadResource
RtlMoveMemory
GetThreadLocale
GetProcAddress
SizeofResource
CreateProcessW
RemoveDirectoryA
FreeEnvironmentStringsW
SetHandleCount
SetStdHandle
VirtualProtect
GetCurrentThread
GetStringTypeW
GetEnvironmentStringsW
DeleteFileA
LCMapStringW

msvcrt

_controlfp
_adjust_fdiv
__p__commode
_except_handler3
__getmainargs
_initterm
_XcptFilter
__p___initenv
_exit
__set_app_type
__p__fmode

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE