d1e4045058dec30eeeda1089050219d5b90ca653ec4a2d84bc2241a87a1059ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1e4045058dec30eeeda1089050219d5b90ca653ec4a2d84bc2241a87a1059ce
Size

252KB
MD5

0d07974447965da70d8b0a8c75833ebc
SHA1

cdca0f1ed13e3c9303c8d8fa7f1feb2bcbf77310
SHA256

d1e4045058dec30eeeda1089050219d5b90ca653ec4a2d84bc2241a87a1059ce
SHA512

fbe92f7c880d4570e196457a643af91083522f4909d0f5c973ea0f6f319c918c286ae430300537b72de03693edfc474c0443ffc4c9ed540ae131fa5edea1194a
SSDEEP

384:T0kccUiDZ/Etpma7amISgluxAEUx8JWAElyo7oDuEb/yORRt4:T0kccUyZctpxplgKUiJWAEMGof7RRt

Score

N/A

Malware Config

Signatures

Files

d1e4045058dec30eeeda1089050219d5b90ca653ec4a2d84bc2241a87a1059ce
.exe windows x86

e462f8cb89f9042210fb60a9b9960551

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetSystemDirectoryA
OpenProcess
Process32First
Process32Next
ReadFile
GetFileSize
TerminateProcess
lstrcatA
lstrcpynA
lstrlenA
CloseHandle
ExitProcess
CreateToolhelp32Snapshot
CreateFileA
CompareStringA
Sleep

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA

wsock32

WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
inet_ntoa
recv
send
socket

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE