cd8306c6ceb7932dfb1f80ca056ab08d06a02b4883aae7e59186e22372a31d17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd8306c6ceb7932dfb1f80ca056ab08d06a02b4883aae7e59186e22372a31d17
Size

16KB
MD5

ad36cbd7dc2584fed455159a9d07ba7f
SHA1

38c7f8dafcba7656b63a86b14099d1fde9b21a82
SHA256

cd8306c6ceb7932dfb1f80ca056ab08d06a02b4883aae7e59186e22372a31d17
SHA512

a3e39baed5e4f050d0e31b66d61e524e397d08d7997513d263efbd6f9856e3a7d9a1516fca34f59bbf7433aae0612860ba760f6380bc87e5fdb9290269edb8a8
SSDEEP

48:ytDIHVDAfmezm8d0Vj59YkqqYGCZ0WaNak1Ucc9Tn+GfA18so4a3cECGSu881Eyq:T1DEBpdO96ZXEak1U314oF3bCS3uKA

Score

N/A

Malware Config

Signatures

Files

cd8306c6ceb7932dfb1f80ca056ab08d06a02b4883aae7e59186e22372a31d17
.exe windows x86

a71497d9e1ac64fbb7702fb5d8da96bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHRegSetUSValueA

kernel32

GetModuleFileNameA
CreateToolhelp32Snapshot
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
Sleep
WinExec
Process32Next
Process32First

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE