f7d87ae78670525d6f8bf90c15642337f950d75beccd29b79490e406fbdeacc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7d87ae78670525d6f8bf90c15642337f950d75beccd29b79490e406fbdeacc5
Size

817KB
MD5

480621ec4eba7ecf41c5185906e177f2
SHA1

effd03aa61555a40de22435faa69d6215fbdd85c
SHA256

f7d87ae78670525d6f8bf90c15642337f950d75beccd29b79490e406fbdeacc5
SHA512

3083f5f9f3f5ea735ef6af3d438d74e4d3280e772f98079c3e4fa3aeeb40809ce81ed643934d82ef200611be2f2be9f2352176a4e7511c2a4638ddd077bcaa22
SSDEEP

12288:/KGhq2EwnwOhJG8ROYc9dD44viDXp3v5NjnNUfJvnRrBICgPNTAq6HURGnrMuRwP:nLGKOndMSkxdNyvPIJPlb6HXnPVX6YD

Score

N/A

Malware Config

Signatures

Files

f7d87ae78670525d6f8bf90c15642337f950d75beccd29b79490e406fbdeacc5
.exe windows x86

b6b61381f91256ef5c42b87cf69165d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
TlsFree
SetThreadPriority
lstrcpynW
GetPrivateProfileIntA
FormatMessageA
WriteConsoleA
TlsGetValue
GetCurrentThreadId
DeleteFileW
GetModuleHandleA
CreateEventW
GetModuleFileNameW
GetCommandLineA
VirtualFree
GetFullPathNameW
lstrlenW
SetCurrentDirectoryW
GetStringTypeW

aaclient

OpenKeyReader
OpenKeyReaderWriter
LoadClientAdapter
g_fnStartTransport

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ