a4c61cbd5b17a15ea8ad9321401754fd22989c7d225f970755039fa3ccb9cd56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4c61cbd5b17a15ea8ad9321401754fd22989c7d225f970755039fa3ccb9cd56
Size

492KB
MD5

597a6be05bf48f204c06d2fbd39ba787
SHA1

bfca4e5fae7468d340c40e1fc67a11ef993e1769
SHA256

a4c61cbd5b17a15ea8ad9321401754fd22989c7d225f970755039fa3ccb9cd56
SHA512

ec65b5f2317a0f593f85dace9dbfa4b7a51f1722475ba6bf3bd9f9f1d275bbba7b1b975fbf57d4df38c6908ba4769d60d2512ec28e69de9227c3d18a1844afe6
SSDEEP

6144:n5HiPqeNifGhJqQT+yNvUwpeca9qkD8IPQNCQN+ZCnumYlMrYg1NJ1Vp8BolRpyI:xV6YQJqYRMqPiZQWMBf8Ol3hdW/+jz

Score

N/A

Malware Config

Signatures

Files

a4c61cbd5b17a15ea8ad9321401754fd22989c7d225f970755039fa3ccb9cd56
.exe windows x86

13fce65315dc5945492a32469483b268

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
PathFindFileNameW
SHDeleteKeyA
wnsprintfA
wvnsprintfW
PathFileExistsW
StrCmpNIW
StrStrW
wnsprintfW
PathMatchSpecW
StrCmpNIA
wvnsprintfA
PathRemoveFileSpecW

advapi32

DuplicateTokenEx
CryptReleaseContext
CryptCreateHash
RegCloseKey
CryptGetHashParam
RegDeleteValueA
RegQueryValueExA

Sections

.dcf
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mpwlgb
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nuv
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ