938c7a906c46cb39216966204372f979a66036757d5f6a99c73ac4c3b9d4c635 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

938c7a906c46cb39216966204372f979a66036757d5f6a99c73ac4c3b9d4c635
Size

20KB
MD5

17394b26d9390716bec0324a94fceade
SHA1

d0b38c8da6cf802273ed8adb6bcf16d474233f5b
SHA256

938c7a906c46cb39216966204372f979a66036757d5f6a99c73ac4c3b9d4c635
SHA512

ddadccd7305639f3df2c93c63f79b8cd7d2c0853de62f5c4adaaafbff3f72bd6ced1fdca74c6e1759499556776c21cb9e4e46921673a168405536c61139fe268
SSDEEP

384:1lWX5IkG/51K8cmOD9mfMc2+4KXUHY0ywDolsno0C:16CkEy/m4skc2+4a0tUlsno

Score

N/A

Malware Config

Signatures

Files

938c7a906c46cb39216966204372f979a66036757d5f6a99c73ac4c3b9d4c635
.exe windows x86

9f0b04ee1d58b04fe958ef42b057862c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WinExec
GetModuleFileNameA
GetEnvironmentVariableA
CloseHandle
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempPathA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

user32

wvsprintfA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE