0b3ae6dbfe24346508a7185f63781d614c7021769fec4a70972840a4f274d4a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b3ae6dbfe24346508a7185f63781d614c7021769fec4a70972840a4f274d4a4
Size

306KB
MD5

a98d4eaf0bb23218aa0e7538cad783d2
SHA1

1765886a34fa2e3a5891e4557bfc5096ecbc05f0
SHA256

0b3ae6dbfe24346508a7185f63781d614c7021769fec4a70972840a4f274d4a4
SHA512

37e806a454f276dbae7e40281a9c85c9927937093be6ae841a88667a3caa96f66a06af63a9bd47b591a0cb372494364160b301c8d0b47e10bced3bbd51979cae
SSDEEP

6144:zVc2PqsgH2sVnHctKkOjyvp9o4KQYgipaqVUC1v/pewTLDi:5cp2MnaBvTrPsv/3/i

Score

N/A

Malware Config

Signatures

Files

0b3ae6dbfe24346508a7185f63781d614c7021769fec4a70972840a4f274d4a4
.exe windows x86

555aeefb98e7d14a81aefbe0c689215b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsAlloc
lstrcpynA
lstrlenA
GetModuleHandleA
lstrcpynA
GetLocaleInfoW
GetStringTypeA
GetCurrentThread
lstrcpynA
lstrcpynA
GetVersionExA
GetFullPathNameW
VirtualProtect
TlsGetValue
GetPrivateProfileIntA
GetModuleFileNameW
GetNumberFormatW
CreateEventW
GetTimeFormatA
SetCurrentDirectoryA
FormatMessageA
DeleteFileW
lstrcpynA
UnmapViewOfFile
TlsAlloc

wavemsp

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rdata
Size: 290KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE