effe688d61567d5ed92eca934eefee66e695a62934361d5024acba5b8c1c79a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

effe688d61567d5ed92eca934eefee66e695a62934361d5024acba5b8c1c79a5
Size

263KB
MD5

e3af0300428b55748fffeb693d42718b
SHA1

d1d2dc0cf440d03567d6ff8cdb2b47c934f11d94
SHA256

effe688d61567d5ed92eca934eefee66e695a62934361d5024acba5b8c1c79a5
SHA512

ed2ac6c6eea2d6a51459ee76efbafae0c458c8382089926d983e6bb498e04d0317c88a8710ddb4d1f8b1fd7741252fdfa0536ffff8fd4b16fe63cddee2e3fb2b
SSDEEP

6144:vusLvf7smv7RDTeAtIrP14eiB4WO8RkcFwbHvNQUNPV:v10QDVsN4eS4tNOwbFQsV

Score

N/A

Malware Config

Signatures

Files

effe688d61567d5ed92eca934eefee66e695a62934361d5024acba5b8c1c79a5
.exe windows x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 256KB - Virtual size: 724KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE