f28d68024c4ffeeaab7fd532d8369279b6b032378c88e79531ba37e2d432c29e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f28d68024c4ffeeaab7fd532d8369279b6b032378c88e79531ba37e2d432c29e
Size

155KB
MD5

384bf76980e044c615ae889e6fb93f76
SHA1

0ba90ece486df9116ee4069bb84d301e88f0fff9
SHA256

f28d68024c4ffeeaab7fd532d8369279b6b032378c88e79531ba37e2d432c29e
SHA512

9f4ff3305c0a14848909140dec940fe069b6fe00c56b7b9805833c26f9d2457e56329e363efce9c6d6e53af89048f4b5050808d96e49fccd69373ba49af18dca
SSDEEP

3072:iQhZkOLfuDg0PtOqzKONqsEykRLSDSooAo7lBu2K2rtNtJAYqzYlBu2K2rtNtJAU:YOFStZzKqqsE6Nvmgr2rF6ugr2rFB

Score

N/A

Malware Config

Signatures

Files

f28d68024c4ffeeaab7fd532d8369279b6b032378c88e79531ba37e2d432c29e
.exe windows x86

056d9b9e4e4d0b94131b46fe91becf14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt.dll

memset
realloc
free
??2@YAPAXI@Z
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
strlen
_stricmp

Exports

Exports

Hai
wuhen

Sections

PAGE
Size: 725B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ