f1d783c0095c5d8daa4eb998c0fda34ce6ff87afb8fe16e6b81083f8fcd0ad4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1d783c0095c5d8daa4eb998c0fda34ce6ff87afb8fe16e6b81083f8fcd0ad4b
Size

296KB
MD5

1bdf7f918a406675a6c17db5885d7a20
SHA1

d24e2dfdc8ff76175b68d55fab96fbb57e170dff
SHA256

f1d783c0095c5d8daa4eb998c0fda34ce6ff87afb8fe16e6b81083f8fcd0ad4b
SHA512

ca813eff235440963935527e94417e21faa9f92f5a386dbd08bf82c6a701970a5e07d4b35ef262b605957a737d1c07ecb0598dd66920b4dbfd067031be291641
SSDEEP

6144:C6Y/BuzrDXP3PHBfP3HLp3PHscnjbtTCWXcBPH8V6eK8+U/pQONi4tNww9:S5uzrD/3PHBfP3HLp3PHL0ZJ9eKM/pQ0

Score

N/A

Malware Config

Signatures

Files

f1d783c0095c5d8daa4eb998c0fda34ce6ff87afb8fe16e6b81083f8fcd0ad4b
.exe windows x86

17eb0ad1a780e4370eff0849712134b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceA
LoadLibraryA
lstrcpyW
GetStringTypeW
DeviceIoControl
GetDiskFreeSpaceA
HeapCreate
GetLastError
ReadFileEx
InterlockedDecrement
VirtualQuery
InterlockedIncrement
lstrcatW
Heap32First
ReadConsoleA
CreateEventW
HeapReAlloc
GetDiskFreeSpaceA
GetPrivateProfileIntA
CloseHandle
SetEnvironmentVariableA

adsldpc

ADsExecuteSearch
ADsEnumAttributes
ADsCloseSearchHandle
ADsDeleteClassDefinition

uxtheme

GetThemeTextExtent
OpenThemeData
GetThemeSysSize
DrawThemeBackground
CloseThemeData
GetThemeColor
GetThemeBool
IsThemeActive
DrawThemeEdge
GetWindowTheme
CloseThemeData
GetThemeTextMetrics
SetWindowTheme
SetWindowTheme

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ