e05180fc5522ddbfdbdb50190439917730391a372ebd4c9b4a1d6be8ac6e492a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e05180fc5522ddbfdbdb50190439917730391a372ebd4c9b4a1d6be8ac6e492a
Size

813KB
MD5

c81ffc80fae8acd2b92f4bde25096840
SHA1

ff59327447236f486dcbdd8e10ca1fe756a32f63
SHA256

e05180fc5522ddbfdbdb50190439917730391a372ebd4c9b4a1d6be8ac6e492a
SHA512

33ed9fea44d722d2476a6cd9db22332a7ce447f4d4c433cf4b1109d9cac749f4e83e16b757b6390803939c00fc52fcae262d486b820d188c1d4c96c34edabff7
SSDEEP

24576:dzAJ+RnfsZSrqpX6Lnxnzn6K1fLY9hnIW:JC6sZDEL55lL6

Score

N/A

Malware Config

Signatures

Files

e05180fc5522ddbfdbdb50190439917730391a372ebd4c9b4a1d6be8ac6e492a
.exe windows x86

1909e078611127c9f31be8c930c4fa3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
GetModuleHandleA
FindNextVolumeW
lstrlenA
GetPrivateProfileIntA
TlsAlloc
TlsGetValue
TlsAlloc
lstrcpynA
CreateEventA
lstrcpynA
lstrcpynA
GetModuleFileNameW
GetFullPathNameA
lstrcpynA
DeleteFileW
SetCurrentDirectoryA
SetConsoleTitleW
GetLocaleInfoW
GetNumberFormatA
lstrcpynA
VirtualAlloc
GetCurrentProcess

vbscript

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 796KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE