dfdba38e122357a1ebe09ccd4f1a05d2e26c6552eb2f00ff854c05656411eaef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfdba38e122357a1ebe09ccd4f1a05d2e26c6552eb2f00ff854c05656411eaef
Size

207KB
MD5

a378168cee0e2720ffddc40b14c0ae87
SHA1

1bca01e8bb594dcbbfad668ca0ad2d5563f7d6c8
SHA256

dfdba38e122357a1ebe09ccd4f1a05d2e26c6552eb2f00ff854c05656411eaef
SHA512

ba6e28915b772f02c01498690d198b5df31c02b79406af5386ffa2260d819bafdec9136cbc6a85f20a14a9346a6a8a89a90c7878d833b89b381a7fee1e8d1843
SSDEEP

3072:uQhZkOLfuDg0PtOqzKONqsEykRLSDeoBmLBLARnXaC9QtKNk44a0wCQzMVTR:8OFStZzKqqsE6hQCRnXf9ae90wloV9

Score

N/A

Malware Config

Signatures

Files

dfdba38e122357a1ebe09ccd4f1a05d2e26c6552eb2f00ff854c05656411eaef
.exe windows x86

056d9b9e4e4d0b94131b46fe91becf14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt.dll

memset
realloc
free
??2@YAPAXI@Z
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
strlen
_stricmp

Exports

Exports

Hai
wuhen

Sections

PAGE
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ