b2884e1bc507af413dc9c2ede04f1577993fd5990855f0dd685eaee6d399d67a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2884e1bc507af413dc9c2ede04f1577993fd5990855f0dd685eaee6d399d67a
Size

75KB
MD5

147eb47fcaf532de71f9a4344d49c9be
SHA1

bf8dae513eb0368e0f1dc198df1b89ee883af5f1
SHA256

b2884e1bc507af413dc9c2ede04f1577993fd5990855f0dd685eaee6d399d67a
SHA512

1438287df4cbe440b2a2fa3086a4fd8a3f784bfbb63abba7abbe9c16d84b6941c7bdf36a54fa9cfe12ea38bf9d366140f55dbc3a21540f66a5b21407713ba4d3
SSDEEP

1536:sBDMN9DyHuFQYfefo71TGlRCRetFv+CdWmtpAM6:MocOFlefoNUtFymtpv6

Score

N/A

Malware Config

Signatures

Files

b2884e1bc507af413dc9c2ede04f1577993fd5990855f0dd685eaee6d399d67a
.exe windows x86

cfbaf5689a6dc1b762fd100dd8bee64f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetCommandLineW
RtlMoveMemory
GetVersion
lstrlenW
GetExitCodeProcess
SystemTimeToFileTime
IsValidCodePage
GetTempFileNameA
GetDriveTypeA
lstrlenA
InterlockedDecrement
IsDebuggerPresent
FlushFileBuffers
SizeofResource
DeleteFileA
GetModuleHandleA
VirtualProtect
ExpandEnvironmentStringsA
RtlUnwind
LoadResource
GetFileAttributesW
GetSystemTime
GlobalUnlock
GetTempPathA
RemoveDirectoryA
SetErrorMode
GetCommandLineA
LocalFileTimeToFileTime
GetProcAddress
DeleteFileW
GetThreadLocale
RaiseException
lstrcpynA
GetCurrentThread

msvcrt

__set_app_type
_XcptFilter
__getmainargs
_controlfp
_exit
_except_handler3
__p__commode
__p___initenv
__p__fmode
_initterm
_adjust_fdiv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ