dc5ad7bea7e654fd4b860e5a96db75602b992c6aa968c211de9e757a60256ec3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc5ad7bea7e654fd4b860e5a96db75602b992c6aa968c211de9e757a60256ec3
Size

818KB
MD5

0eec2a39796b66f00a21071d7f1ab1f0
SHA1

3881ef12f00e1b83be5ba5238fc5b645429a8476
SHA256

dc5ad7bea7e654fd4b860e5a96db75602b992c6aa968c211de9e757a60256ec3
SHA512

bf8b10c4b3d3d54ffba5a5413dd3907412a09fc80f9b9c892db31f4b513c79a23fcfa9799b72bfdaea34619db1e384d8e45384e1bcae59c900f1cd16942465dc
SSDEEP

24576:uHkQTCmXd68gOdG5uYf8IWAQG6bOFZCvfzDu:uHkQT5AguudxG6bNv

Score

N/A

Malware Config

Signatures

Files

dc5ad7bea7e654fd4b860e5a96db75602b992c6aa968c211de9e757a60256ec3
.exe windows x86

ce4f13792eebccf4a955fe8ac4ce0eae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetCurrentThreadId
SetThreadPriority
lstrcatA
GetFullPathNameW
GetModuleHandleA
GetPrivateProfileIntA
SetCurrentDirectoryW
GetModuleFileNameW
VirtualProtect
lstrlenW
SetLocaleInfoA
WriteConsoleW
VirtualQuery
GetCommandLineA
TlsGetValue
FormatMessageA
TlsSetValue
ReleaseMutex

azroles

AzAddPropertyItem
AzApplicationCreate
AzApplicationClose
AzApplicationDelete

Sections

.text
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ