d789204f8467d54ce608ef2a3b3d4fa098c70214d8ee2284a4a3a586aa51eb5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d789204f8467d54ce608ef2a3b3d4fa098c70214d8ee2284a4a3a586aa51eb5f
Size

82KB
MD5

7abd0c13f3e9fc6c97609f844adaed7c
SHA1

5301a481a59299fffb139f2b9f388d51ca2933cd
SHA256

d789204f8467d54ce608ef2a3b3d4fa098c70214d8ee2284a4a3a586aa51eb5f
SHA512

c819cb483354b27ef46e9be667c35de5f7ab60af05cb330b514305b43f37bc7213b49c361f3d84daba20314861704835b7d11a4dd87c0ecb38747ff67d3e67a5
SSDEEP

1536:Jvw4mmTo8kOjRVcJDSY8BtGb8R6+KyMfkq9UCWH+pn:pw4RUn8jASIb8M0Mfk+pn

Score

N/A

Malware Config

Signatures

Files

d789204f8467d54ce608ef2a3b3d4fa098c70214d8ee2284a4a3a586aa51eb5f
.exe windows x86

d03cb50b1cc8363f878eafaab2904fe3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

cos
malloc
exit
_exit
_initterm
__p__fmode
__setusermatherr
free
_adjust_fdiv
__p__commode
_open_osfhandle
signal
__set_app_type
bsearch
_acmdln
_XcptFilter
_except_handler3
__getmainargs
_lock

kernel32

VirtualProtect
GetStartupInfoA
GetModuleHandleW
Sleep
RemoveDirectoryA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

koemhwx
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE