324133d408e2750509c3a8640bf4245cdf86bc3942abe09de63fc1ef07f210f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

324133d408e2750509c3a8640bf4245cdf86bc3942abe09de63fc1ef07f210f5
Size

69KB
MD5

0f130ec1f07007363beca064a04d60f0
SHA1

3d13fcecfdaf5e391c95fae31875aa035f5df8d8
SHA256

324133d408e2750509c3a8640bf4245cdf86bc3942abe09de63fc1ef07f210f5
SHA512

3b4df4482553608b2d8afa95f53311fe8517ba374cb726c88ad4c13fd2c036304d766ef3234066138e5d1d887fae8a2f269688ce062662c5f80364266481f6ad
SSDEEP

1536:q7cbEwalI2hF7+M3Sp7xUav9FKtT8bFjmtsPdWyXeESDpucTr4:q7mrHKTTiutCpmGPtetxg

Score

N/A

Malware Config

Signatures

Files

324133d408e2750509c3a8640bf4245cdf86bc3942abe09de63fc1ef07f210f5
.exe windows x86

571141cb866b88cac0a266e1c6facd73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
LoadResource
SizeofResource
lstrcmpiW
GetStringTypeW
RaiseException
MulDiv
GetModuleHandleA
VirtualProtect
GetProcAddress
GetExitCodeProcess
GetTempPathA
GetThreadLocale
GetCurrentThread
FormatMessageA
GetFileAttributesA
lstrcmpiA
GetLocaleInfoA
SetFileAttributesA
GetVersionExA
GetVersionExW
CreateDirectoryA
GetSystemInfo
lstrcpynA
GetModuleFileNameA
CreateProcessW
DeleteFileA
RtlMoveMemory

msvcrt

__p___initenv
_except_handler3
_controlfp
_initterm
__getmainargs
__p__fmode
_adjust_fdiv
__set_app_type
_exit
_XcptFilter
__p__commode

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ