a557fa363f1bce12c415a22d1d81905cc007e12bec6fb117f48275cf9b280e09 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a557fa363f1bce12c415a22d1d81905cc007e12bec6fb117f48275cf9b280e09
Size

313KB
MD5

33ff431f3f2c4c597d1e5b404ee3d122
SHA1

55fb2baef01bff76bd686d1a614d2fb5d1aaaca8
SHA256

a557fa363f1bce12c415a22d1d81905cc007e12bec6fb117f48275cf9b280e09
SHA512

e785cdfd5e63f09e126c79a23e4dd431f0981f8e1ff15c37814427f36fd0d5c5823ab27303f28716b5e8f0f74273d4bec2e4a091a56f7c65f524cd78424993a3
SSDEEP

6144:wGe0Qbv+OdLx8d1MIWmsB8Y+1dR9vdjKXtVvcT9N01CDPZlIGJr:wYQj+oeZJs+N1dD8cBM23

Score

N/A

Malware Config

Signatures

Files

a557fa363f1bce12c415a22d1d81905cc007e12bec6fb117f48275cf9b280e09
.exe windows x86

e696d9a7caea7b9ce2641f9ea41f6466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
FormatMessageA
CreateEventW
TlsGetValue
GetPrivateProfileIntA
VirtualFree
lstrlenA
GetModuleHandleA
GetCommandLineA
SetThreadPriority
VirtualProtectEx
GetModuleFileNameW
DeleteFileW
SetCurrentDirectoryW
GetCurrentThreadId
TlsFree
WriteConsoleA
GetFullPathNameW
lstrcpynW

wmadmoe

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 290KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ