d1d5b2017e1ab1fbb54f7e4278e8b6a3b439822e93a157e95a3b9dc06d152a75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1d5b2017e1ab1fbb54f7e4278e8b6a3b439822e93a157e95a3b9dc06d152a75
Size

116KB
MD5

0e440546579320d1e6d8bc272042e5fa
SHA1

91c97c18382760922606a6126606a95659ef7c7d
SHA256

d1d5b2017e1ab1fbb54f7e4278e8b6a3b439822e93a157e95a3b9dc06d152a75
SHA512

a5ec8649547d6260a58414605b74223232c86dcf5b0d85cd17d5ecff6219d880c0e664b9b10372f3f5d279bd81aff93c54f8e4003f27833498e54b611834bde6
SSDEEP

1536:dUqPs1JAol4U80s0TqNy32vTbW1DKyURqoXs0gDyNF8kJa:dUqMqolD8J3vfs2yURqoD3F8c

Score

N/A

Malware Config

Signatures

Files

d1d5b2017e1ab1fbb54f7e4278e8b6a3b439822e93a157e95a3b9dc06d152a75
.exe windows x86

d77b3ec57e50e91a483383be6bdfe32d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
GetProcAddress
GetModuleHandleA
VirtualAllocEx
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteFile
GetTempPathA
CreateFileA
GetWindowsDirectoryA
WinExec
CopyFileA
GetModuleFileNameA
Sleep
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ