c9b245e82d4169ca50c34851fd75a07169102b3db0cf61ff5f855b6763f8454e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9b245e82d4169ca50c34851fd75a07169102b3db0cf61ff5f855b6763f8454e
Size

296KB
MD5

4a75488b471c5ea005ab5b13a26f4cf4
SHA1

680fd043b3bb633ff3fb39655f860cafc847c619
SHA256

c9b245e82d4169ca50c34851fd75a07169102b3db0cf61ff5f855b6763f8454e
SHA512

5f59281a7712916a66ff0f45eabfb5654cc3d39e38138e4822f93a45628aea7b5363443cb3c185202efb19a8012f271a443548680490b0490daf5569c9ab74a7
SSDEEP

6144:2/BuzrDXP3PHBfP3HLp3PH+kOLqvNofPQ+t4fyVv8/5bTs5Lmv8WpK8I5D:25uzrD/3PHBfP3HLp3PHWIofPQ+wn/5a

Score

N/A

Malware Config

Signatures

Files

c9b245e82d4169ca50c34851fd75a07169102b3db0cf61ff5f855b6763f8454e
.exe windows x86

8b2686118a1081626d60c27da3f62c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualQuery
InterlockedDecrement
ReadConsoleA
HeapCreate
Heap32First
DeviceIoControl
lstrcpyW
CreateEventW
HeapReAlloc
SetEnvironmentVariableA
GetStringTypeW
GetLastError
GetPrivateProfileIntA
GetDiskFreeSpaceA
ReadFileEx
LoadLibraryA
FindResourceA
InterlockedIncrement
CloseHandle
lstrcatW
GetDiskFreeSpaceA

adsldpc

ADsExecuteSearch
ADsCloseSearchHandle
ADsDeleteClassDefinition
ADsEnumAttributes

uxtheme

CloseThemeData
SetWindowTheme
CloseThemeData
IsThemeActive
GetThemeTextExtent
DrawThemeBackground
GetThemeColor
OpenThemeData
GetThemeBool
GetThemeSysSize
DrawThemeEdge
GetThemeTextMetrics
GetWindowTheme
SetWindowTheme

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ