df8598a226b6f13a057e6087ac080b7d481b07848d41db14cd95ae973e0d8869 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df8598a226b6f13a057e6087ac080b7d481b07848d41db14cd95ae973e0d8869
Size

916KB
MD5

2eeb666959f300ffcd45a28972f77fbb
SHA1

6f4860b8afd598292eda236b8fd11c79e7c99b28
SHA256

df8598a226b6f13a057e6087ac080b7d481b07848d41db14cd95ae973e0d8869
SHA512

ccd87d555662ea20d6874257cc11864b93f546963cb5becc2459b9fe13571193561570289b1c34310625a48cd411cd925d293cc2def9cd5fb3efdad32fbc70b1
SSDEEP

12288:Gn+Y58eoqD3Th9keUI7xiK+bYers9HJu9T5:C8XI7xijYJ9HJ4

Score

N/A

Malware Config

Signatures

Files

df8598a226b6f13a057e6087ac080b7d481b07848d41db14cd95ae973e0d8869
.exe windows x86

9356d3cecc215eb33dc86a608ebcfbeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetLastError
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetTempPathA
WinExec
SizeofResource
LockResource
LoadResource
FindResourceA
MoveFileExA
GetModuleFileNameA
GetTempFileNameA
GetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA

msvcrt

fwrite
fopen
strchr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_vsnprintf
fclose

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ