b4494ad1c383907920ae1e44fc0cbca4b225ca45d3e10ae52416d914511974e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4494ad1c383907920ae1e44fc0cbca4b225ca45d3e10ae52416d914511974e8
Size

374KB
MD5

b581a7f32225a46465b00b291dbe1e0d
SHA1

fb37fc0caa28e3e8371bb95a17be4e8928a82b59
SHA256

b4494ad1c383907920ae1e44fc0cbca4b225ca45d3e10ae52416d914511974e8
SHA512

4c13e83ad9b2bf33b29bdd694221807d910d56e46053e4a1df61fbb485919a8e37ea6025a6f9702a853c876f9cdbd8c757f8bc00c305e4abacebc04018fc4c06
SSDEEP

6144:wMmLKLVqNcpNAZlFaWq70bz+F1mVhLdfW/gEdnVwlS4JdD7/+y+nWTWOB4+Og9s4:vLVqi0biFqigERVwJdD7GeG+Olp/G

Score

N/A

Malware Config

Signatures

Files

b4494ad1c383907920ae1e44fc0cbca4b225ca45d3e10ae52416d914511974e8
.exe windows x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 365KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ