e49872b9b129d6333d012c0781a0bd02c972da81199e71c6b147365040f7e824 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e49872b9b129d6333d012c0781a0bd02c972da81199e71c6b147365040f7e824
Size

816KB
MD5

e3be21aeb01f0cd005d9bdd3ed8d5a6a
SHA1

ac586776464ac04770d17a5ab3379d100003c91d
SHA256

e49872b9b129d6333d012c0781a0bd02c972da81199e71c6b147365040f7e824
SHA512

f17171ce4de11c77a680b8986bf4aa11b81e1738a50ea2c61a69141a9d5f3d1fbbb9a26ecdf5d3b557dfcc82659908b6cd7cbcac1fa0593aa94e8e656d8308e7
SSDEEP

24576:oxA1RG5LQ6GrXbIwipktDsm0LTiCdINgXK/2:oxA1RaBMXbuYGL2CdugX

Score

N/A

Malware Config

Signatures

Files

e49872b9b129d6333d012c0781a0bd02c972da81199e71c6b147365040f7e824
.exe windows x86

cc5961197b80cf2759cc0bd9c58e4e2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
FormatMessageW
lstrlenA
lstrlenA
lstrlenA
SetThreadPriority
GetPrivateProfileIntA
GetCurrentDirectoryA
CreateDirectoryW
lstrlenA
GetCurrentThreadId
GetModuleHandleA
VirtualFree
lstrlenA
lstrlenA
lstrcatA
lstrlenA
lstrlenA
WriteConsoleW
lstrcmpA
GetDiskFreeSpaceW
lstrlenA
TlsGetValue
lstrlenA
GetCommandLineA
GetFileSize
DeleteFileW
VirtualProtect
OpenMutexA

certcli

CAEnumFirstCA
CADeleteCertType
CAEnumNextCA
CADeleteCA

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE