34e75789978bd5251d25890cf02608c6945fe720348661708f86ad140ecafd11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34e75789978bd5251d25890cf02608c6945fe720348661708f86ad140ecafd11
Size

814KB
MD5

c70228780ed259e370c0be6cf5ab9145
SHA1

5ccf41617399ada6c024509506a76b9e72d6e741
SHA256

34e75789978bd5251d25890cf02608c6945fe720348661708f86ad140ecafd11
SHA512

b9a4790f387acc807b1fbcb9785546f052197f2773c0b50af6561e6780d70016a4a0da13a793fa9c7577c099ca2f0fc697989f9a414103d39e33e326a4d708d9
SSDEEP

12288:Qa1CfViEwOSivksOOwoqQdo6AKdpxKzWi076MgD04BxfR8Uwz0hPtdd:7Cf2EOO3rIQ4BRh

Score

N/A

Malware Config

Signatures

Files

34e75789978bd5251d25890cf02608c6945fe720348661708f86ad140ecafd11
.exe windows x86

410951bcfca063b48c7f1d9e1609bc59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
lstrcpynW
GetCommandLineA
VirtualProtectEx
GetPrivateProfileIntA
lstrlenA
TlsGetValue
GetStringTypeA
GetModuleHandleA
GetLocaleInfoW
GetNumberFormatW
GetModuleFileNameW
FormatMessageA
SetCurrentDirectoryW
GetCurrentThread
DeleteFileW
TlsFree
CreateEventW
GetFullPathNameW

wmadmod

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE