dc399c9d0482560145ff8fabcd3655e65e3ddd2aafe1a61b6ed7a220acd09b3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc399c9d0482560145ff8fabcd3655e65e3ddd2aafe1a61b6ed7a220acd09b3e
Size

494KB
MD5

17711667fb43d3257e1ab6f7c21dbce5
SHA1

54eddd7721d149402d9048650bcf8b71bb7dfe2d
SHA256

dc399c9d0482560145ff8fabcd3655e65e3ddd2aafe1a61b6ed7a220acd09b3e
SHA512

9616a6dcc3bc8fd2d2983d567d1786f06582ad3b52cc745290b7913533186ef43fa86b51194d14ce66a28e40f57d79af8821bd2d0d5decef3198ded76f51ee60
SSDEEP

12288:o3uEAaSsFxglyjraKvMfMcZc4xE5Df64DROELf5F5K:sTxeivMkIm5b64cELBO

Score

N/A

Malware Config

Signatures

Files

dc399c9d0482560145ff8fabcd3655e65e3ddd2aafe1a61b6ed7a220acd09b3e
.exe windows x86

da038cc99db680bf3eb78f03393681c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wvnsprintfW
StrCmpNIA
wvnsprintfA
wnsprintfW
PathCombineW
PathFindFileNameW
PathMatchSpecW
wnsprintfA
SHDeleteKeyA
PathFileExistsW
StrCmpNIW
PathRemoveFileSpecW
StrStrW

advapi32

RegQueryValueExA
CryptReleaseContext
RegCloseKey
RegDeleteValueA
CryptCreateHash
CryptGetHashParam
DuplicateTokenEx

Sections

.ktejkd
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dupip
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahyj
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ