d6b58d49379051d00c83b026431ee4c2fe36e44514419b113311bd3341301845 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6b58d49379051d00c83b026431ee4c2fe36e44514419b113311bd3341301845
Size

9KB
MD5

54d122aa12e3162b4b047748d0bf02bc
SHA1

33288b87a84db2efab7971fdc88872ab5d1bc9cf
SHA256

d6b58d49379051d00c83b026431ee4c2fe36e44514419b113311bd3341301845
SHA512

73f3f8e3b887f201828b3200810ed9b91d8bd8be69199e610ee0e258a16d33456b2d26dbfeeff5a4d443e42c98283429cc0b5af69bc58d6e9b71a4203b3e5934
SSDEEP

192:o1Zt+0GYVd8UQ0ByXkatYIR//KnVc3CNUoyo:oZ+0l6B93Kni3b

Score

N/A

Malware Config

Signatures

Files

d6b58d49379051d00c83b026431ee4c2fe36e44514419b113311bd3341301845
.exe windows x86

7be45bcd696f8a4f51d355a513dddc46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateThread
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
CloseHandle
GetShortPathNameA
GetModuleFileNameA
lstrlenA
GetLastError
CopyFileA
VirtualAlloc
VirtualAllocEx
LoadLibraryA
CreateProcessA
Sleep
TerminateProcess
GetProcAddress
GetTempPathA
GetSystemDirectoryA
GetTickCount
GetPrivateProfileStringA
GetEnvironmentVariableA
VirtualProtectEx
WriteProcessMemory
SetThreadContext
GetThreadContext
ReadProcessMemory
VirtualQueryEx
GetStartupInfoA
GetModuleHandleA

user32

wsprintfA

advapi32

OpenServiceA
OpenSCManagerA
CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_XcptFilter
_exit
_except_handler3
strncmp
exit
__CxxFrameHandler
rand
??3@YAXPAX@Z
fopen
fclose
??2@YAPAXI@Z
fread
ftell
fseek
strstr

Sections

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE