caaf1a712da8b9a72b326a1c79416613def8827240d449a86f928769c3426f6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caaf1a712da8b9a72b326a1c79416613def8827240d449a86f928769c3426f6d
Size

820KB
MD5

844487950af49c94f22460dd564e3ba1
SHA1

8f2dd41ce140849ee76bdc6f6de692b407e2050f
SHA256

caaf1a712da8b9a72b326a1c79416613def8827240d449a86f928769c3426f6d
SHA512

ff9f8b48ebd47b777e79efcd6763c9d1502e7035168886fc3c3636dff3328d2b9f93151b204a1f5ae48ac376b106aca190e83310353aaae2a831f2b8afd5ba57
SSDEEP

24576:1MWLa127AI1OneaCi01TAcYbc6qMIuF5xdp6:c12InhD0nY5qpydp

Score

N/A

Malware Config

Signatures

Files

caaf1a712da8b9a72b326a1c79416613def8827240d449a86f928769c3426f6d
.exe windows x86

093e1f46157b8e1a6af665722eef232f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrcpynW
GetCommandLineA
GetCurrentThreadId
GetPrivateProfileIntA
SetCurrentDirectoryW
GetStringTypeW
GetFullPathNameW
FormatMessageA
SetThreadPriority
VirtualFree
WriteConsoleA
DeleteFileW
CreateEventW
TlsFree
TlsGetValue
VirtualProtectEx
GetModuleFileNameW
lstrlenA

aaclient

OpenKeyReaderWriter
LoadClientAdapter
g_fnStartTransport
OpenKeyReader

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ