b9cbd9f20d4b96da48bc7ed67e9f088c10c4d618dda6ab33f61030dcfee4feed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9cbd9f20d4b96da48bc7ed67e9f088c10c4d618dda6ab33f61030dcfee4feed
Size

10KB
MD5

4020e0a48cd0a20082ca5f25544d8c02
SHA1

b93d324c5ace557a6bd5292efc47ee2af90f8ea9
SHA256

b9cbd9f20d4b96da48bc7ed67e9f088c10c4d618dda6ab33f61030dcfee4feed
SHA512

2b50b48f52fce1f7311594bd4f5ecaea774b6ec806ad66825513ecec7931ffba5222dc38dc6b59f564ecbf69cc39ee708648d7fc5f81c9c4b9525aba638176e9
SSDEEP

192:i4vb1Q7yvz4XJ+T7LXZH/ok16G6U4G4F975z5JQP:x27+DN/ok//jA9R5U

Score

N/A

Malware Config

Signatures

Files

b9cbd9f20d4b96da48bc7ed67e9f088c10c4d618dda6ab33f61030dcfee4feed
.dll windows x86

1e8665c92ab206ad146e7dc71835be7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
lstrcpyA
OpenProcess
CloseHandle
lstrcmpiA
ReadProcessMemory
DisableThreadLibraryCalls

msvcrt

malloc
??3@YAXPAX@Z
__CxxFrameHandler
free
_initterm
??2@YAPAXI@Z
_adjust_fdiv

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessNext
GetProcessPath
GetProcessPathID

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ