9bca22d7372bc9595ebc9e369232049728d0baab94cfa4084ba74e754d4c591a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bca22d7372bc9595ebc9e369232049728d0baab94cfa4084ba74e754d4c591a
Size

165KB
MD5

5389588c84ff3a3cc3bdb4e110263390
SHA1

5bec55122c1d0a28e6f01c5561e3de01b5806383
SHA256

9bca22d7372bc9595ebc9e369232049728d0baab94cfa4084ba74e754d4c591a
SHA512

a63f5629df3567897f2b32fa0ca6c5baa9aa2a97ec37ff021d59a6eda3dd01c8a03aed96ac523a4cf89f186ecad78787a89a428ea614f8505095400da1fd02f3
SSDEEP

3072:51/NHxlHwAIfaBsFVC+LP2pJx2zCyf5j2DZse0y5tj2OqSPsChI:RQVssFVCAP2p/2zCyfVZA5Nq5m

Score

N/A

Malware Config

Signatures

Files

9bca22d7372bc9595ebc9e369232049728d0baab94cfa4084ba74e754d4c591a
.exe windows x86

4e0bf1b985d1a0152c0e9f81e0430361

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
DeleteCriticalSection
GetVersionExW
GetVersionExA
LockResource
GetAtomNameA
GlobalSize
GetPrivateProfileIntW
Sleep
LoadLibraryA
FindClose
FreeLibrary
LoadResource
MultiByteToWideChar
FindResourceW
InitializeCriticalSection
EnumResourceTypesA
GetTickCount
GlobalAlloc
GetModuleFileNameW
LoadLibraryW
MulDiv
FindCloseChangeNotification
GetModuleHandleW
GetProcAddress
GlobalLock
IsValidCodePage
FindFirstChangeNotificationW
FindFirstFileW
lstrlenW
GetCurrentDirectoryW
GlobalUnlock
FindNextChangeNotification
GetPrivateProfileStringW
WritePrivateProfileStringW
CloseHandle
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
ShellExecuteExA
SHGetFolderPathW
SHGetFileInfoA
CommandLineToArgvW
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ