ed8e1addf79487669a0b16abf65dcc2779465225db6adba6cd9cefa5a1e45a18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed8e1addf79487669a0b16abf65dcc2779465225db6adba6cd9cefa5a1e45a18
Size

40KB
MD5

e2ee8886cd1b8befb641fd2e2d80bb28
SHA1

7806af3e207c1b958953182c6c1708daf2245c97
SHA256

ed8e1addf79487669a0b16abf65dcc2779465225db6adba6cd9cefa5a1e45a18
SHA512

41cc2e2e5c61ace174a54255574086d45e7b67f9214f48f14669b9834bbe2540c70925513546b758a1d87acb76e5e80e4f177dc61cba6902ecb3531cddc4b74d
SSDEEP

384:voFdd01MwqT95RnCFU33Q8szNNcar/Fiblg5Con4G2VgiTaR4EQlziRwMalr1DMG:wFsML1CO33Z6NFTol+5BqZuR2ruTgws

Score

N/A

Malware Config

Signatures

Files

ed8e1addf79487669a0b16abf65dcc2779465225db6adba6cd9cefa5a1e45a18
.exe windows x86

68db17f525a488a97f60840c76a102ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
OpenProcess
InterlockedExchange
CreateMutexA
GetLocaleInfoA
CreateProcessA
GetCurrentProcessId
CreateEventA
CompareStringA
FreeEnvironmentStringsA
LCMapStringA
SetEvent
GlobalAlloc
RtlUnwind
GetLastError
lstrcpyA
IsBadWritePtr
GlobalLock
TerminateProcess
GlobalFree
GetEnvironmentStrings
GlobalUnlock
QueryPerformanceCounter
ResetEvent
lstrcmpiA
InterlockedCompareExchange
RaiseException
DisableThreadLibraryCalls
WaitForMultipleObjects
CloseHandle
ExitProcess
LocalFree
FormatMessageA
GetModuleHandleA
ReadFile
CreateFileA
VirtualAlloc

user32

GetDlgItem
CreateWindowExA
MessageBoxA
wsprintfA
SetWindowPos

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ