917fbeae85c8b9772fe31ba1967ba37f4595fe76829b9cff6d28b07efb8b6d83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

917fbeae85c8b9772fe31ba1967ba37f4595fe76829b9cff6d28b07efb8b6d83
Size

14KB
MD5

eb3aec9e0abefa36bda2f2b61aa49537
SHA1

1bc1c384c759694a10d5205c2d5f5f4db291fa61
SHA256

917fbeae85c8b9772fe31ba1967ba37f4595fe76829b9cff6d28b07efb8b6d83
SHA512

946acc64e8979c797353818d0bacdfb47fa6ded6c15ec865df4d3192dae2dd96a1da64afb459a0a795d20efa13744c487883b87d31c0eb2045a91240cf945e30
SSDEEP

192:hKm1IU9GvltiZ1M1WBB1uC6aP+DasTDbN0oLE:vNG9eM1Wz87n/E

Score

N/A

Malware Config

Signatures

Files

917fbeae85c8b9772fe31ba1967ba37f4595fe76829b9cff6d28b07efb8b6d83
.exe windows x86

d218841e5b450004b2b56b394b8ff6af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CloseHandle
ResumeThread
SetConsoleCP
GetModuleHandleA
HeapCreate
GetTickCount
Sleep
VirtualProtect
lstrlenW
GetTimeFormatA
CreateEventA
GetStartupInfoA
GetCommandLineA
OpenMutexA
CloseHandle
HeapDestroy
GetModuleFileNameW
SetEvent
ReleaseMutex

advapi32

ClearEventLogW
RegQueryValueW
IsTextUnicode
IsValidSid
ControlService
CreateProcessAsUserA
RegCreateKeyExW
RegEnumKeyA
IsValidSecurityDescriptor
RegDeleteValueA
InitializeSid
IsValidAcl
CreateServiceW

msvcirt

??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ
??0Iostream_init@@QAE@XZ

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE