b7dbd23130e98bdaecd61c602a7c7278b100c896db59481cccf9064b51c8cc6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7dbd23130e98bdaecd61c602a7c7278b100c896db59481cccf9064b51c8cc6f
Size

308KB
MD5

31ad39b65bfcee9c096f6d98f59f52d4
SHA1

a922f1f05ab9e4e0a6d416f001261575a231d521
SHA256

b7dbd23130e98bdaecd61c602a7c7278b100c896db59481cccf9064b51c8cc6f
SHA512

49860f71d729e4e19ee9fb55cb1250c30e39ddee73a836108aa1905710ee1eeeee1b3135a0ca4704dcc3c0c6aa78854845797405f5cca9da896ce4e18d62d360
SSDEEP

6144:BVcON8elgWL3my/GJLc1eusFmaqRQDq6d4H4XC5mN6kL:fck5lgWrmjUeLmPRQu6dPrP

Score

N/A

Malware Config

Signatures

Files

b7dbd23130e98bdaecd61c602a7c7278b100c896db59481cccf9064b51c8cc6f
.exe windows x86

5af43eba98c7d16858a3f7f25a826b6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynA
GetCurrentThread
UnmapViewOfFile
lstrcpynA
GetStringTypeA
GetFullPathNameA
GetPrivateProfileIntA
GetModuleHandleA
lstrcpynA
TlsAlloc
lstrcpynA
lstrcpynA
CreateEventW
GetModuleFileNameW
VirtualProtect
TlsAlloc
GetLocaleInfoW
lstrlenA
DeleteFileW
SetCurrentDirectoryA
GetNumberFormatW
TlsGetValue
FormatMessageA

wavemsp

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rdata
Size: 290KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE