0b4a9d41cd1b153915f49c62b57367685f69c84e47d5e5fd47c5af3a9c2daf5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b4a9d41cd1b153915f49c62b57367685f69c84e47d5e5fd47c5af3a9c2daf5e
Size

313KB
MD5

c6f7fd8a309e584ea9889b370f7abd91
SHA1

90bcdcfeea3f4c7f1b89a60202b1fde5e069e94d
SHA256

0b4a9d41cd1b153915f49c62b57367685f69c84e47d5e5fd47c5af3a9c2daf5e
SHA512

245971d582f98389952d0f6d7920b2e5dcf361adcd3e096fe865de240877f3128e9411b5263aaa0b3a241122655a80489216e31bf4500bf33647bacf3c61e95c
SSDEEP

6144:zlbGe0QB7mDoh4fc82z8N4LKg6N+YLEfXfL6jOtPH7zgNG:BbYQB7Qohw/c8N4Lt6NVy/tTsNG

Score

N/A

Malware Config

Signatures

Files

0b4a9d41cd1b153915f49c62b57367685f69c84e47d5e5fd47c5af3a9c2daf5e
.exe windows x86

62d0c14ca0531413c209173a47e3da4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
FormatMessageA
GetModuleFileNameW
CreateEventW
VirtualProtectEx
TlsGetValue
lstrlenA
SetThreadPriority
VirtualFree
DeleteFileW
GetModuleHandleA
WriteConsoleA
TlsFree
SetCurrentDirectoryW
GetFullPathNameW
lstrcpynW
GetCommandLineA
GetCurrentThreadId
GetPrivateProfileIntA

wmadmoe

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 290KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ