f547b2fdc8844fdd53fa5f09a7fd315033a978ad3f3fb055d7fefd36e601054a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f547b2fdc8844fdd53fa5f09a7fd315033a978ad3f3fb055d7fefd36e601054a
Size

111KB
MD5

4479b1fad34b982d1c9145080426e228
SHA1

a7946acfc85f662d002797f4f9281e38cf3beb80
SHA256

f547b2fdc8844fdd53fa5f09a7fd315033a978ad3f3fb055d7fefd36e601054a
SHA512

f4a64acb832cec7cfbeba77ec6974d493e8f7cf4242ba2d32f0e982f294b3d2b0c09f2f7d3bbe270d8c3a4a875b9c09b2ed063376d58aa7c8edba3af110a0c2e
SSDEEP

3072:Us3EUXwV+dqzDzH+fIUd8e08SO821rwbRFC:Us3EEwouDz9UlVJ

Score

N/A

Malware Config

Signatures

Files

f547b2fdc8844fdd53fa5f09a7fd315033a978ad3f3fb055d7fefd36e601054a
.exe windows x86

a27a5f6139028b7c85e420d67ab6f6e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
GetProcAddress
VirtualProtect
GetProcessHeap
HeapAlloc
VirtualProtectEx
CreateThread
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualAlloc
GetModuleHandleA
WaitForMultipleObjectsEx
GetCommandLineA
GetStartupInfoA

msvcrt

rand
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ