17e6797cf7b0fe7e8bf950f5597cfc3edf955bbfd2d372740a0ca4ad11308bc2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17e6797cf7b0fe7e8bf950f5597cfc3edf955bbfd2d372740a0ca4ad11308bc2
Size

306KB
MD5

9241fb517be6ecd33e4dd03be469d06b
SHA1

b5a8bee2a1cb69b100647b103c0b56da174179ad
SHA256

17e6797cf7b0fe7e8bf950f5597cfc3edf955bbfd2d372740a0ca4ad11308bc2
SHA512

8277cd9fad1096a77f47898e394174d7001b8882ff16493873b2c9403bcc99a8e90a8fc8919a3f32aa90c96644da9b953373d3e51ef3fe32642a205ee336710c
SSDEEP

6144:FVcSq4zTIdBrnPY/r1HuCvUlTJl8kriQjZdGx/zZ70mdJT/oSD+hwpeH:LcczTQrnPorACvUJ8CWZgmfTAS3

Score

N/A

Malware Config

Signatures

Files

17e6797cf7b0fe7e8bf950f5597cfc3edf955bbfd2d372740a0ca4ad11308bc2
.exe windows x86

10ed3e884c314b694cbd9039470aba1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatA
TlsAlloc
UnmapViewOfFile
lstrcpynA
GetModuleHandleA
GetPrivateProfileIntA
SetCurrentDirectoryA
lstrcpynA
TlsGetValue
DeleteFileW
GetModuleFileNameW
TlsAlloc
lstrcpynA
lstrlenA
VirtualAlloc
lstrcpynA
FormatMessageA
GetFullPathNameA
GetCurrentProcess
GetStartupInfoW
CreateEventA
lstrcpynA
GetLocaleInfoW

wavemsp

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.edata
Size: 289KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ