c493557bbeb493fdc9130bbe1c5cf4943cbf622ee1b7b81fbcc856ffeeab7ab0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c493557bbeb493fdc9130bbe1c5cf4943cbf622ee1b7b81fbcc856ffeeab7ab0
Size

815KB
MD5

1c7ff2c180d9812ed67a697eb1b7734d
SHA1

e22f4384e578ad3b898ed37f38fdb398b642cf4a
SHA256

c493557bbeb493fdc9130bbe1c5cf4943cbf622ee1b7b81fbcc856ffeeab7ab0
SHA512

98317846bb598a4fc82f504984c186f9239ba242bdd5b5e4b16489007e0394156643a6f28c70439bcaeda0792f1a1fbc009046496ba1826fc0acc6c3bf6fe15a
SSDEEP

24576:EstN746eKIwhuBx1IIg+fgpqRT1EIa9p:EstNUZwwI3+pJza

Score

N/A

Malware Config

Signatures

Files

c493557bbeb493fdc9130bbe1c5cf4943cbf622ee1b7b81fbcc856ffeeab7ab0
.exe windows x86

756444767a2257b5f29d80f96f4102c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrcpynA
GetStartupInfoW
TlsAlloc
UnmapViewOfFile
lstrlenA
GetModuleHandleA
GetFullPathNameA
lstrcpynA
GetPrivateProfileIntA
GetLocaleInfoW
VirtualAlloc
TlsAlloc
CreateEventA
FormatMessageA
lstrcpynA
GetNumberFormatA
lstrcpynA
SetCurrentDirectoryA
GetCurrentProcess
DeleteFileW
GetModuleFileNameW
TlsGetValue

wavemsp

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.edata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ