018b5ff2a8fd950ac0bb36ea1d2943bb660a2af7d24d22a5172f3eea9db6cde5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

018b5ff2a8fd950ac0bb36ea1d2943bb660a2af7d24d22a5172f3eea9db6cde5
Size

817KB
MD5

273b320b8e35338a3c9ac386e7f71357
SHA1

e6ad835afad4fa219f991e6e0c6ddd08ae028b31
SHA256

018b5ff2a8fd950ac0bb36ea1d2943bb660a2af7d24d22a5172f3eea9db6cde5
SHA512

5a97e76b6df559c7b71a2c61a1903715fb37927853b5ff4d54bd886ac494d3285911f58179780aff86c9ffe1b5cc755fd889b24aba4650f325f89249ae4bc10c
SSDEEP

24576:t++wUi776vyPereUX07Y5AQoEmUv5otF+7pc9P/0:taUIkymrC7Y5G/KoM29

Score

N/A

Malware Config

Signatures

Files

018b5ff2a8fd950ac0bb36ea1d2943bb660a2af7d24d22a5172f3eea9db6cde5
.exe windows x86

aec621634daec0561adea59c25b8c56b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentDirectoryA
ReadFile
VirtualFree
SetThreadPriority
lstrcpynA
lstrcatA
VirtualProtect
FormatMessageW
WriteConsoleW
OpenMutexW
GetPrivateProfileIntA
lstrcpynA
lstrcpynA
DeleteFileW
GetModuleHandleA
lstrcpynA
TlsGetValue
GetDiskFreeSpaceW
GetFileSize
lstrcpynA
lstrcpynA
lstrcpynA
GetCurrentThreadId
lstrcpynA
lstrcpynA
GetCommandLineW
lstrcmpA
CreateDirectoryW
lstrcpynA

certcli

CAEnumNextCA
CADeleteCertType
CAEnumFirstCA
CADeleteCA

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ