de39da33351fa516544486c8b7511e5c9798d93389024e6f9c2042d04504eb0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de39da33351fa516544486c8b7511e5c9798d93389024e6f9c2042d04504eb0f
Size

816KB
MD5

103aa3e21899600bb5e9b98575cfdc96
SHA1

64e67f8993d22ba2e4fec7054a9c55340ceaf736
SHA256

de39da33351fa516544486c8b7511e5c9798d93389024e6f9c2042d04504eb0f
SHA512

1e90a017e228508512042d4ac5ee8c9f57a51e52759823f9ffdad2a2e0a47cdf12612b3b003566fd9e44580d46143a258c8698037b021208ac3938d99d626f03
SSDEEP

12288:FVppmnzwe/EsUuaPvV4+Tov8ziSH3+JHyjmQKjJqskF0E87zTJgmwletVcBc:bHmzweBkbTZHOJHnVhk6prJgr1c

Score

N/A

Malware Config

Signatures

Files

de39da33351fa516544486c8b7511e5c9798d93389024e6f9c2042d04504eb0f
.exe windows x86

0f8f434eb4de981601f1c5987a0cee26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
lstrlenA
GetFileSize
TlsGetValue
lstrlenA
SetThreadPriority
lstrlenA
lstrcmpA
lstrlenA
OpenMutexA
FormatMessageW
VirtualFree
lstrlenA
lstrcatA
ReadFile
lstrlenA
GetPrivateProfileIntA
GetCommandLineA
GetCurrentThreadId
lstrlenA
CreateDirectoryW
WriteConsoleW
lstrlenA
VirtualProtect
GetModuleHandleA
GetCurrentDirectoryA
GetDiskFreeSpaceW
lstrlenA
DeleteFileW

certcli

CADeleteCA
CAEnumFirstCA
CADeleteCertType
CAEnumNextCA

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE