71f0c6923772bbcf9726d192468dcf637e46ccc5fff2d6a35f6a84c701779c9a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71f0c6923772bbcf9726d192468dcf637e46ccc5fff2d6a35f6a84c701779c9a
Size

7KB
MD5

ae6385b04dd3bc0049e0621043969b83
SHA1

9a70cc08cd71c67980c5ab3d7f98fc988af28524
SHA256

71f0c6923772bbcf9726d192468dcf637e46ccc5fff2d6a35f6a84c701779c9a
SHA512

ca5b04147f0eda8335d06f96cce6a8b97ba526b4b38dd897db79488e2824282c3a292f2ae11afbf88f2db7f2be78595ffeb305f41e25c553a4650622ace953ce
SSDEEP

96:GlmTMNF4mfhpJijVQNzEYgEDWy/FsATi61ZYZQIbR/6UkTK8Y9Hc:GlmwHVgCNzEYgEDj/Fs61ZYZdp6rTYK

Score

N/A

Malware Config

Signatures

Files

71f0c6923772bbcf9726d192468dcf637e46ccc5fff2d6a35f6a84c701779c9a
.exe windows x86

559398b1246f3c18c513f21a971018a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersionExA
GetModuleFileNameA
WaitForSingleObject
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
GetThreadContext
CreateProcessA

user32

CharLowerA

msvcrt

malloc
strstr
free
fclose
_filbuf
ftell
fseek
fopen

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ