50decc90e986632e31529450e69cf056e66b0bd1db68d12c9f91171823e2aabf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50decc90e986632e31529450e69cf056e66b0bd1db68d12c9f91171823e2aabf
Size

114KB
MD5

1bc86ee06a041c26b6265e44e72c1100
SHA1

4db92703e04a4fa5f821426d96d5437643f5d009
SHA256

50decc90e986632e31529450e69cf056e66b0bd1db68d12c9f91171823e2aabf
SHA512

539b4925f95ef8f8057986176f66da75eb7c05585eba699a591880c2cd2a45eea493b6a2e695cae59e5ec4168ab01ce278b1f2ba7bbef64b8716973ce37d18bd
SSDEEP

3072:evI++KXlF09SEv3+B7zxYLKHyWP4e9tK5hh0Dr4:1fl3aOLKkevKL

Score

N/A

Malware Config

Signatures

Files

50decc90e986632e31529450e69cf056e66b0bd1db68d12c9f91171823e2aabf
.exe windows x86

176b5d6b34de72e9060f636a9f42dd06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetVersion
GetStringTypeW
GetStdHandle
GetLogicalDrives
lstrcatA
GetConsoleTitleA
GetLastError
DeleteFileW
HeapFree
SetFilePointer
GetTickCount
DeleteFileW
GetExitCodeProcess
HeapCreate
GetShortPathNameW
GetModuleHandleW
DeleteFileW
IsValidCodePage
GetDriveTypeA
HeapAlloc
GetModuleHandleA
SetEnvironmentVariableA

netshell

HrLaunchConnection
DllRegisterServer
HrCreateDesktopIcon
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataz
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE