ed0c767eeead6983dd0c393172a6ee9ac80393df9a7d002a39c7f159c616c050 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed0c767eeead6983dd0c393172a6ee9ac80393df9a7d002a39c7f159c616c050
Size

68KB
MD5

298133d5b78a61cc1620ce90f89c2dd3
SHA1

220d68ac25e294bed5664d8ed778249e8ac10a8d
SHA256

ed0c767eeead6983dd0c393172a6ee9ac80393df9a7d002a39c7f159c616c050
SHA512

e3e9ee3da495265ef29835a2656a07b5faa9b19fea5cd58baa954ff2c102d71b1b916bc4041b6b33ddf454bb9275984fdb0c629b58411c903400ddbb7e2e71a8
SSDEEP

768:sI14SCnhauJSfb9z9SDCs3vYnOoCn5rC7/QH3DTAMdYfI+pSF:sIgWb9zAvYObn5Q/QXf2g+pc

Score

N/A

Malware Config

Signatures

Files

ed0c767eeead6983dd0c393172a6ee9ac80393df9a7d002a39c7f159c616c050
.exe windows x86

cb4072b12b053179f75a8bd14b689e89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
DeleteFileA
GetLastError
GetModuleFileNameA
GetModuleHandleA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
SetFilePointer
ReadFile
GetFileSize
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
TerminateProcess

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ywpsrbq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE