90406048fd1550368cebc631caf78b8d4b8dd10cb400b43f321ea637ed281c20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

90406048fd1550368cebc631caf78b8d4b8dd10cb400b43f321ea637ed281c20
Size

816KB
MD5

30281ed4ebeb5b8dc61f7484f08b032a
SHA1

12a8ca873e22fcd012f5ff5b3e5f8f1183a51731
SHA256

90406048fd1550368cebc631caf78b8d4b8dd10cb400b43f321ea637ed281c20
SHA512

0445a71472a2d01d72ac5d135f0e7a15678ad6659992bea4a87ba6fdca8be8a2ea21948f02f1d8a1eac15be500c94817412fd8336826701635f0898f5519f967
SSDEEP

12288:llf2hLPHg1M3OoKewCyCp+hmySc3m4Rk4cIlz3EQeADxlyslILOX9qC6Re86:llOhbcoGCTAmySbyfcaeANWKX9LDL

Score

N/A

Malware Config

Signatures

Files

90406048fd1550368cebc631caf78b8d4b8dd10cb400b43f321ea637ed281c20
.exe windows x86

4b8be1e907390e90c94cb5c0b1f137b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynA
lstrcmpA
DeleteFileW
lstrcpynA
GetDiskFreeSpaceW
lstrcatA
VirtualProtect
FormatMessageW
lstrcpynA
lstrcpynA
GetFileSize
CreateDirectoryW
lstrcpynA
GetPrivateProfileIntA
GetCurrentDirectoryA
lstrcpynA
lstrcpynA
WriteConsoleW
lstrcpynA
GetCurrentThreadId
SetThreadPriority
OpenMutexW
VirtualFree
lstrcpynA
GetModuleHandleA
GetCommandLineA
TlsGetValue
lstrcpynA
ReadFile

certcli

CAEnumNextCA
CADeleteCA
CADeleteCertType
CAEnumFirstCA

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE