8f2ca38a03407ae1384f7840c444c0d792af72e9284394c487b9afbfcb187a10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f2ca38a03407ae1384f7840c444c0d792af72e9284394c487b9afbfcb187a10
Size

817KB
MD5

a6d3e24c5dcb9f0c3eb3f885fad89891
SHA1

7198bfd70ee150e1875408de155193a476194b87
SHA256

8f2ca38a03407ae1384f7840c444c0d792af72e9284394c487b9afbfcb187a10
SHA512

ff29299be1638f9e441897c2c9ff06b2a67b1a05983a7ee1581193402f601cba27462e1bea5ac60c216da758b32f2f5cba8938cbad404afb73a94256231abae1
SSDEEP

24576:T/6VgoaakWVU5+FuhrNZ/b4Xq+EoJL68k:T/Ga2hwrx4XDEoJH

Score

N/A

Malware Config

Signatures

Files

8f2ca38a03407ae1384f7840c444c0d792af72e9284394c487b9afbfcb187a10
.exe windows x86

fd60225b6a8ea010eb7c464ccc2df55c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
DeleteFileW
VirtualProtect
GetCurrentThreadId
GetPrivateProfileIntA
lstrlenW
FormatMessageA
lstrcatA
TlsGetValue
TlsSetValue
GetCommandLineA
WriteConsoleW
ReleaseMutex
GetModuleHandleA
GetFullPathNameW
VirtualQuery
GetModuleFileNameW
SetThreadPriority
SetLocaleInfoA

azroles

AzAddPropertyItem
AzApplicationClose
AzApplicationCreate
AzApplicationDelete

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ