file[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

file.exe
Size

1.6MB
MD5

6421bedddb808e8511b70610c242c6d0
SHA1

8a7887c156f98d575fe70125cce54138dd3544ba
SHA256

867aab7a50ef65d944dae53a746b74b397ba35f78efed235ba55956011644b68
SHA512

1eb5a16acaabbb0df5abd9969bbec591e042eb4e314e6dce6e9998a6f8b3008b6a8d6054c94f29c250b2b31936a1e7e0176c20abd6fc55d15693db44edd9f39a
SSDEEP

6144:FoljSGGz2rNO3ZCGfnkJau5gRmCg1FX0CBqg1Z8FeDxbVBkGerJq:F+GGG6rNOLnedDkCKwDlVBkGerw

Score

1^/10

Malware Config

Signatures

Files

file.exe
.exe windows x86

35dfbff29e4a0286efddbe95c79a540c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
MultiByteToWide�har
GetStringTypeW
Wide�harToMultiByte
Enter�riticalSection
Leave�riticalSection
Initialize�riticalSectionEx
Delete�riticalSection
EncodePointer
DecodePointer
L�MapStringEx
Get�PInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Get�urrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformance�ounter
Get�urrentProcessId
Get�urrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDe`uggerPresent
GetStartupInfoW
�reateFileW
RaiseException
RtlUnwind
GetLastError
SetLastError
Initialize�riticalSectionAndSpin�ount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLi`rary
GetProcAddress
LoadLi`raryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
Get�ommandLineA
Get�ommandLineW
HeapAlloc
HeapFree
GetFileType
�ompareStringW
L�MapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultL�ID
EnumSystemLocalesW
�loseHandle
FlushFileBuffers
Get�onsoleOutput�P
Get�onsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
Read�onsoleW
HeapReAlloc
Find�lose
FindFirstFileExW
FindNextFileW
IsValid�odePage
GetA�P
GetOEM�P
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVaria`leW
SetStdHandle
GetProcessHeap
HeapSize
Write�onsoleW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.12xJa
Size: 586KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.12xJa
Size: 586KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35dfbff29e4a0286efddbe95c79a540c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 261KB - Virtual size: 264KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 7KB

.12xJa Size: 586KB - Virtual size: 585KB

.12xJa Size: 586KB - Virtual size: 585KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 261KB - Virtual size: 264KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 7KB

.12xJa
Size: 586KB - Virtual size: 585KB

.12xJa
Size: 586KB - Virtual size: 585KB