4a9be0a4e4c46c1962bf0d8b209929e97c86753546540aa02c3ffbbac70ed728 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a9be0a4e4c46c1962bf0d8b209929e97c86753546540aa02c3ffbbac70ed728
Size

436KB
MD5

0b7c264d4a2c5c0c83ac25cce298f683
SHA1

cb63d7f9f3d13477a3db05ef91ba93333e5d68a4
SHA256

4a9be0a4e4c46c1962bf0d8b209929e97c86753546540aa02c3ffbbac70ed728
SHA512

31486d4571a08319eddebf328904b69af7a46bb2ec6dd0f9944bc4b29b4a0cd13213192e7d766de4701ebc95869bf0d474fb8b991be65449462793ace36d45fe
SSDEEP

12288:LknxC89rMTKCeTtb0I0zUR2XO+1iHEfVj+r9SCuxh:LGwMryK3eI0zUgXO+1SEtKr9SCK

Score

N/A

Malware Config

Signatures

Files

4a9be0a4e4c46c1962bf0d8b209929e97c86753546540aa02c3ffbbac70ed728
.exe windows x86

12ff3188f0ab46cfdbba958eea45618e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
LCMapStringA
GetCurrentProcess
CreateFileA
CloseHandle
LoadLibraryA

user32

CreateWindowExA
CharLowerBuffA
SetWindowLongA
wsprintfA
CloseWindow

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueA
RegEnumValueA
RegCreateKeyA
RegEnumKeyA
RegSetValueA

Sections

.text
Size: 416KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ