f841d123a124cbbaa683d01eb6ebf0a5f199b495671932788679593113f8ec00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f841d123a124cbbaa683d01eb6ebf0a5f199b495671932788679593113f8ec00
Size

160KB
MD5

9aa9438b6313264119207d66e8ab5aae
SHA1

412658530f7d8c6347a34f65516630e89600e687
SHA256

f841d123a124cbbaa683d01eb6ebf0a5f199b495671932788679593113f8ec00
SHA512

b20cecdbee80025b8286433f9ac6591b531a0422fbd6d49ab5b09580807e6c5ed20a16363e2cf30d685b598c460dff8b050fffed8a481059d81744ecff9e0a01
SSDEEP

3072:MzMQ9OHb0mF63PN64/DpnvaDUn3KPbG0llNYbky67vv+Kqr1:QMQ9OHb0jN5DpyE8bVlOgy673wr1

Score

N/A

Malware Config

Signatures

Files

f841d123a124cbbaa683d01eb6ebf0a5f199b495671932788679593113f8ec00
.exe windows x86

0ba42e5fc1fd1b46c9218ef299ce6d41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
ExitProcess
CreateFileA
CloseHandle
GetCurrentProcess
LCMapStringA

user32

CreateWindowExA
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA

advapi32

RegCreateKeyA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegQueryValueA
RegSetValueA

Sections

.text
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ