c6632a62a7303918121c97f367e6e73c8c49bf8801bedd47543fa08717271833 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6632a62a7303918121c97f367e6e73c8c49bf8801bedd47543fa08717271833
Size

820KB
MD5

313c12350132866acd13283b7eae040c
SHA1

2630cc1819c871ddfeeb876040a4c2c2ee9990ff
SHA256

c6632a62a7303918121c97f367e6e73c8c49bf8801bedd47543fa08717271833
SHA512

c10e11b85ae0cd48cdf5fd887a74953e9c5e84af24e1a10311411b1da5e13218f38a9b649bf2a68473b278f19b998c82934a2b3fe4a72f12a908e44b492dd0ec
SSDEEP

24576:U6JWPVV+nV//nnGji9fU3OXIlEZHSJzx/XqNtCLSvtM:ItCV3nCi9fU3OEE5SJdscS1

Score

N/A

Malware Config

Signatures

Files

c6632a62a7303918121c97f367e6e73c8c49bf8801bedd47543fa08717271833
.exe windows x86

00a40c6f42cf1de0f60e90a628f9545d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
DeleteFileW
SetThreadPriority
GetModuleFileNameW
GetModuleHandleA
lstrlenA
SetCurrentDirectoryW
GetStringTypeW
VirtualFree
lstrcpynW
TlsGetValue
GetFullPathNameW
GetPrivateProfileIntA
VirtualProtectEx
WriteConsoleA
GetCommandLineA
CreateEventW
GetCurrentThreadId
TlsFree

aaclient

OpenKeyReader
LoadClientAdapter
g_fnStartTransport
OpenKeyReaderWriter

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ