f68865ac653ee9a3677c4ad1d8d66f612acd92f3a9710748f60ff570a6da828b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f68865ac653ee9a3677c4ad1d8d66f612acd92f3a9710748f60ff570a6da828b
Size

815KB
MD5

eb432f6b884704523679f2d6955afee6
SHA1

6be3c68c528bf23a251d87492bbf5440baba635e
SHA256

f68865ac653ee9a3677c4ad1d8d66f612acd92f3a9710748f60ff570a6da828b
SHA512

9cd3aaf8a45698d33d72e0d3346a2c941dbedf6e9606f437e1f236b05cf75d09cdba6521d02bdc46efc5b1866109dcc07403ffbb66f65cbefa646196c40e7ec0
SSDEEP

24576:Qswtem2m2vQ8GlsdPEwwS+pdoE2x5j/sYQo:cM9vQJgEw/x5b9

Score

N/A

Malware Config

Signatures

Files

f68865ac653ee9a3677c4ad1d8d66f612acd92f3a9710748f60ff570a6da828b
.exe windows x86

c84845dd08e1dad1018a72f8911ed1f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
lstrcpynA
GetStartupInfoW
GetModuleHandleA
TlsAlloc
lstrcpynA
lstrcpynA
GetPrivateProfileIntA
SetCurrentDirectoryA
CreateEventA
FormatMessageA
DeleteFileW
lstrcpynA
GetNumberFormatA
GetModuleFileNameW
VirtualAlloc
UnmapViewOfFile
TlsAlloc
lstrcpynA
lstrlenA
GetLocaleInfoW
GetCurrentProcess
GetFullPathNameA

wavemsp

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.edata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ