b16422ed5bbf7bb100cd754fa68a860d0d4ff33deece494c8c1caa72be4ab1e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b16422ed5bbf7bb100cd754fa68a860d0d4ff33deece494c8c1caa72be4ab1e9
Size

238KB
MD5

342bac97b5fd09743c0a2f1b7e079948
SHA1

c3772025dcf2c28e2aae827dd390bdfcb72d2ec0
SHA256

b16422ed5bbf7bb100cd754fa68a860d0d4ff33deece494c8c1caa72be4ab1e9
SHA512

985adf9b6e58a47ee007d7b0327415ed149798dedfc8f2acfac0e6d3530da7284e3eb324f40da349e3e3a2481f8eed1cf559b60cbddc1b758496e1672e4c3df8
SSDEEP

3072:DXG3iMjacMb41wgp4bzMHsyzsTa2bObKcD5fcsQd6i8Uxi405T+3eupeNyjz9DQc:jGSMjagp71zwqbK+zQM40l1kFLft7

Score

N/A

Malware Config

Signatures

Files

b16422ed5bbf7bb100cd754fa68a860d0d4ff33deece494c8c1caa72be4ab1e9
.exe windows x86

2cbe8ea1939eb003676049e1e8f8248b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
IsBadHugeReadPtr
NumaVirtualQueryNode
EnumSystemLanguageGroupsA
SetThreadUILanguage
CompareStringW
GetCommProperties
CreateActCtxA
GetWindowsDirectoryA
GetShortPathNameA
InitializeCriticalSection

ole32

OleQueryCreateFromData
CoRevertToSelf
CoLoadLibrary
STGMEDIUM_UserSize
HMETAFILE_UserMarshal
OleCreateLinkFromData
OleRegEnumFormatEtc
OleDuplicateData
HBRUSH_UserMarshal
CreateFileMoniker
HMENU_UserFree
HACCEL_UserSize
StgPropertyLengthAsVariant
HMENU_UserMarshal

gdi32

EngQueryEMFInfo
DdEntry56
SetTextCharacterExtra
GdiGetLocalDC
UpdateICMRegKeyW
DdEntry42
GdiConvertToDevmodeW
DdEntry14
Rectangle
AddFontResourceTracking
GdiAlphaBlend
SetICMMode
GdiEndPageEMF
XLATEOBJ_hGetColorTransform

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE