977ea7e3d7e2455b01b7a0d5db1dcd472a1d50795302c0e49f2824fb71b9c485 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

977ea7e3d7e2455b01b7a0d5db1dcd472a1d50795302c0e49f2824fb71b9c485
Size

20KB
MD5

37bc4cf3f73eb3298a45b0c125a5eb5f
SHA1

4be31102d2bd239a125868d01ab04d5b5d9140e5
SHA256

977ea7e3d7e2455b01b7a0d5db1dcd472a1d50795302c0e49f2824fb71b9c485
SHA512

f2249b4eca1c4f3641aa586e96c476f02f49f979e111ee6ed920b414c16bcf7fc98d4b8ced8d98b122afbacf097020a076ddd03b08a8225db032ea91e01b9b37
SSDEEP

192:GOpWTihQW3Tq3Ne2OziseJWEwVGaxfP1oynM+6:GOVD3TKvGBn1K+6

Score

N/A

Malware Config

Signatures

Files

977ea7e3d7e2455b01b7a0d5db1dcd472a1d50795302c0e49f2824fb71b9c485
.exe windows x86

7f9942e9f598ae40dee58d52d531a913

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord541
ord940
ord540
ord2818
ord6779
ord4202
ord6283
ord6143
ord665
ord3790
ord354
ord860
ord536
ord6883
ord939
ord801
ord800
ord4129
ord5683
ord4277
ord858
ord537
ord6930
ord941
ord535
ord6282

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p___argc
__p___argv
atol
srand
time
rand
__CxxFrameHandler
_mbslwr
_stricmp

kernel32

GetModuleFileNameA
Sleep
GetTickCount
WinExec
MoveFileExA
CreateDirectoryA
GetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE