a949459b831b4314f53e276bea5ad24a600fd40e5912915d45ee7ae644a7b389 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a949459b831b4314f53e276bea5ad24a600fd40e5912915d45ee7ae644a7b389
Size

219KB
MD5

c5e9de6ce3fc66693392431acadbc51b
SHA1

4fe89f86938c04785a0d11af9d4c481411ce6d35
SHA256

a949459b831b4314f53e276bea5ad24a600fd40e5912915d45ee7ae644a7b389
SHA512

0a0e55de98c3aa6839d3a49760bfd92db84c6c74ae6050d14a6f6c7b6e2e2f0a1e2c5cc1ac40ef4c306b2b4144dc84e0d5e383f78b0560bac04069cdcb7a4898
SSDEEP

6144:pCTROFuQk347kTACdgqK8lyK5M2cAKtzbPiaoAf:GwuiaAUgqK7iLgpp1

Score

N/A

Malware Config

Signatures

Files

a949459b831b4314f53e276bea5ad24a600fd40e5912915d45ee7ae644a7b389
.exe windows x64

740ed6c12d97245b957fe70666f28456

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

mouse_event
ChangeWindowMessageFilter
DdeQueryStringW
WindowFromPhysicalPoint
UnregisterHotKey
CloseClipboard
MessageBoxA
CountClipboardFormats
IsChild
ImpersonateDdeClientWindow

msvcrt

_tzset
towlower
ferror
_Getdays
wctomb_s
malloc
puts
ftell
_mktime64
tmpnam_s

kernel32

CopyFileA
GetPrivateProfileStringW
uaw_lstrcmpW
Thread32First
ExpandEnvironmentStringsA
WriteProfileStringW
FindNextFileA
VirtualAlloc
GetModuleHandleA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.au
Size: 206KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ