def3134b94ae5b9a3719feeb37122ed0c762a290d0a1d6b0bd1777c5840ed2c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

def3134b94ae5b9a3719feeb37122ed0c762a290d0a1d6b0bd1777c5840ed2c8
Size

205KB
MD5

2b6b1e7fe707bcca9bb04000e5399bc2
SHA1

cdb8b856da4c592d82cb36263f477fa22676ddef
SHA256

def3134b94ae5b9a3719feeb37122ed0c762a290d0a1d6b0bd1777c5840ed2c8
SHA512

6be3bd6825ae4e992b28421e553178dfd75afe4d925d0c03c43ff5cd695879c63cd21b49060ae510b7f9d64d0188f850d67569de06640d0d99cdc03726763d4e
SSDEEP

3072:iFDPC7+E1IvYZoYgbj4euq9wSSDyr7gMOQnArJXuckIlbHSNrmLWX:ajC7nGvY+njVfwSPr7AQnAcEzsmLE

Score

N/A

Malware Config

Signatures

Files

def3134b94ae5b9a3719feeb37122ed0c762a290d0a1d6b0bd1777c5840ed2c8
.exe windows x86

be9cb4b67aca12b62d75c2a186ef3ba5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
ExitProcess
CreateFileA
GetCurrentProcess
CloseHandle
LCMapStringA

user32

CreateWindowExA
wsprintfA
CharLowerBuffA
SetWindowLongA
CloseWindow

advapi32

RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA

Sections

.text
Size: 150KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ