a46c0385bc3b6e737a51e8ec99179ae9d735ac60f267fac6d200b890d0f6cf90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a46c0385bc3b6e737a51e8ec99179ae9d735ac60f267fac6d200b890d0f6cf90
Size

36KB
MD5

374a9ad878bafbbe961030e5bffa26d3
SHA1

02671ec7c52e1d1f8a55d8f504d075b12d1ac939
SHA256

a46c0385bc3b6e737a51e8ec99179ae9d735ac60f267fac6d200b890d0f6cf90
SHA512

13461eebeeba121ca10dbe8ad7aac9c6851af543a0a151e663f04bc951044d6a6655967a609725a8835c97b71b565ee0de0001753108ca4fb3b42b148a7bcb26
SSDEEP

768:ewZlmw1HIAIWvsHUHUBHLn4hsLLirJ99Lu3:ew7mwKt34hsilDu

Score

N/A

Malware Config

Signatures

Files

a46c0385bc3b6e737a51e8ec99179ae9d735ac60f267fac6d200b890d0f6cf90
.exe windows x86

0e396b7a8a0a3fa855f792abee514b8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateRemoteThread
ExitProcess
FindResourceA
FreeLibrary
GetDriveTypeA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
OpenMutexA
OpenProcess
ReadProcessMemory
SizeofResource
Sleep
VirtualAllocEx
WriteProcessMemory
lstrcatA
lstrcpyA
lstrlenA

user32

FindWindowA
GetWindowThreadProcessId

shell32

ShellExecuteA

Sections

.flat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ