a9cf2866a06aede51dfccb7f33168ff9d8fe778849408e7d36a8278231ef18bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9cf2866a06aede51dfccb7f33168ff9d8fe778849408e7d36a8278231ef18bb
Size

313KB
MD5

f75dc4f3b614c33a533b22f02897652c
SHA1

10897919a9c3c2caba49cd3e1992bed9069ad4e9
SHA256

a9cf2866a06aede51dfccb7f33168ff9d8fe778849408e7d36a8278231ef18bb
SHA512

f1b587da72531737bece47b7ea7991611514d3302f20a0900a08bd697898367ac7c0554a93d52737ddd2609c1b4e40ac8aac9d6a7097c68d3fee753baf05df78
SSDEEP

6144:s4uGe0QGLhwvTbN3Vl2XHLrLxdGGHIz7df/zMJmalLttBOyx36a46G8OHE:sDYQGL4bNllYbxdGWIPdXzUmalLnBOyI

Score

N/A

Malware Config

Signatures

Files

a9cf2866a06aede51dfccb7f33168ff9d8fe778849408e7d36a8278231ef18bb
.exe windows x86

b9cdf33a56ce7e43c004f0c772c78016

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynW
DeleteFileW
GetModuleFileNameW
FormatMessageA
GetStringTypeW
GetPrivateProfileIntA
WriteConsoleA
GetCommandLineA
VirtualProtectEx
GetModuleHandleA
GetFullPathNameW
SetThreadPriority
TlsGetValue
CreateEventW
TlsFree
SetCurrentDirectoryW
lstrlenA
GetCurrentThreadId
VirtualFree

wmadmoe

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 290KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ