946c0a81755c98ca55af5f1800c4db0800f73aa02679c30be0ebf3cda8d6c519 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

946c0a81755c98ca55af5f1800c4db0800f73aa02679c30be0ebf3cda8d6c519
Size

316KB
MD5

52e9e328246aab828f44e29ba8839f6d
SHA1

865147b4e002ad2894aa541acd3fbbeaef11bb18
SHA256

946c0a81755c98ca55af5f1800c4db0800f73aa02679c30be0ebf3cda8d6c519
SHA512

994d58b000868d5ef76aad454db11697c92b76cc3949a7c40669029bbb00ad1d80f96b707a0746b3369d1d3fe946831ac161380530c1095d5118318c6cb14d9b
SSDEEP

6144:W87OXSRpMnp99cTd50pkCWxi9OJxlJvtiG3M8A733klG+Q8zKJ88ym:W86CRpMnPJfOJx9l3aklvWmN

Score

N/A

Malware Config

Signatures

Files

946c0a81755c98ca55af5f1800c4db0800f73aa02679c30be0ebf3cda8d6c519
.exe windows x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 308KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 192B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ