96981e479cfbb9e9fb9fdf965e0a34681093019b7db558b2e8ccebca818864ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96981e479cfbb9e9fb9fdf965e0a34681093019b7db558b2e8ccebca818864ed
Size

6KB
MD5

77c98df1e39e2827b8db564534e32188
SHA1

8904868c58ad669416d29e5c94945a849c32c64c
SHA256

96981e479cfbb9e9fb9fdf965e0a34681093019b7db558b2e8ccebca818864ed
SHA512

6dfe2eccf3a230f66cde5726b43ed1b25af60be08d4820e2da406f768a81d9bc6a2ffe22daeecea2ff8681b4cb6d07086a2d993e0b0daa4c15726fe9fbece2d0
SSDEEP

192:upEKHfhjnukcd6GfFKdKNPDoVT77Yyn/:ERvsFK+UYy/

Score

N/A

Malware Config

Signatures

Files

96981e479cfbb9e9fb9fdf965e0a34681093019b7db558b2e8ccebca818864ed
.exe windows x86

56f0751dcb00e24e962fa107fd1d6329

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetFileAttributesA
lstrcatA
GetProcAddress
SetEvent
GetModuleFileNameA
CloseHandle
lstrcpyA
SetFileAttributesA
WaitForSingleObject
CompareStringA
ExitProcess
GetModuleHandleA
CreateEventA
LoadLibraryA
Process32First
CreateToolhelp32Snapshot
RtlUnwind

user32

GetForegroundWindow
IsWindow

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE