ab5464a05cd6cb049c764c37a8d4dfaa33b3e57693a78cc4eaeb64ad03ceddb4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5464a05cd6cb049c764c37a8d4dfaa33b3e57693a78cc4eaeb64ad03ceddb4
Size

815KB
MD5

31b1765d8950fd04aa33b8d36e671f6f
SHA1

962458daccf058650842a1f7ef53f284094ea55a
SHA256

ab5464a05cd6cb049c764c37a8d4dfaa33b3e57693a78cc4eaeb64ad03ceddb4
SHA512

51473f5a660932c1cbd16ba6d9eb8588d205daa82f1be90206cf50d8915813ad5f62797e887d588c092f2abda2a32d366404d6d22cbd782678539a4b41e8f073
SSDEEP

12288:qxP/+hY7YMxrILJpv9ajypWm8NHavduPHf6WU325zx4ultjLvXVWSbqZvJGI/7JC:9Y7dIjVajyGkWp5zuulFxe0a7jK5

Score

N/A

Malware Config

Signatures

Files

ab5464a05cd6cb049c764c37a8d4dfaa33b3e57693a78cc4eaeb64ad03ceddb4
.exe windows x86

db2c739a777686ce4b54c381e74ad19c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
lstrcpynA
CreateEventA
GetStartupInfoW
lstrcpynA
lstrcpynA
FormatMessageA
GetModuleHandleA
TlsAlloc
GetNumberFormatA
VirtualAlloc
TlsGetValue
DeleteFileW
lstrcpynA
GetPrivateProfileIntA
SetCurrentDirectoryA
lstrlenA
GetModuleFileNameW
GetCurrentProcess
lstrcpynA
UnmapViewOfFile
TlsAlloc
GetFullPathNameA

wavemsp

DllGetClassObject
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.edata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ