947a8bbb8df44039ce11f29b4ff8cb07392bc56538e9e6836f391e3d70d22d25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

947a8bbb8df44039ce11f29b4ff8cb07392bc56538e9e6836f391e3d70d22d25
Size

146KB
MD5

6fe1a02e4fda2c6ea90d531d1c1e3dd1
SHA1

a701d6c864d7e08bde27671947756350484ec4cc
SHA256

947a8bbb8df44039ce11f29b4ff8cb07392bc56538e9e6836f391e3d70d22d25
SHA512

185401dbc43c778173f46b623cf5bc4a0aa72c1e8cfae3376d3447bde6983a20d8e9a936eaa1f9847f34fe3a2ec8b57e800352f4a54508ff2e2e4b4b716c6412
SSDEEP

3072:t7fL6ADhJ1luf+5Di2/m7V2vVPuYK5gQFF0ZN:RfL6AlEF7V2sYK5rW

Score

N/A

Malware Config

Signatures

Files

947a8bbb8df44039ce11f29b4ff8cb07392bc56538e9e6836f391e3d70d22d25
.exe windows x86

6af1922a02b6a44b6a0820a60299381b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetEnvironmentStringsW
ExpandEnvironmentStringsA
QueryPerformanceFrequency
UnmapViewOfFile
GetVersion
HeapCreate
InitializeCriticalSection
SetEndOfFile
ReadProcessMemory
DeviceIoControl
GetFileTime
LoadLibraryW
ReadFile
GetExitCodeThread
GetStartupInfoA
HeapFree
SetThreadAffinityMask
Sleep
CloseHandle
WriteConsoleA
CreateFileA
MultiByteToWideChar
GetModuleHandleA
LCMapStringA

msvcrt

__setusermatherr
memcpy
_get_heap_handle
__set_app_type
_getdrives
iswascii
_purecall
_wenviron
_adjust_fdiv
_i64tow
_outpw
_XcptFilter
_initterm
_except_handler3
_exit
_wfreopen
_scalb
_scwprintf
fclose
exit
_rmdir
isupper
_controlfp
_mbsnset
__getmainargs
memset
__p__fmode
_acmdln
_wperror
log
__p__commode
_ctime64
_close
bsearch
_fsopen
sscanf
_makepath
_wrename

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ