23f1befa89536208933dd2b7b27e4ad513d5988b2e7de6b51129d7c038c3c9f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23f1befa89536208933dd2b7b27e4ad513d5988b2e7de6b51129d7c038c3c9f6
Size

143KB
MD5

bfebdf58adf12e9da086d0ef1444025b
SHA1

218132c1c8465cf74c6c05a26be06820492a689e
SHA256

23f1befa89536208933dd2b7b27e4ad513d5988b2e7de6b51129d7c038c3c9f6
SHA512

f92a3d50277ff160f95482e68c27e3b4e66ad7865cfef349cc5224e4d44894c1ef661d17a610ec7c38462432db12f619d8e2744e49befca36e9fd18e206de151
SSDEEP

3072:Hi97/rhdE8u5nFhZRckbpqlHrw7Ah9CDFw6nz/OYOHBN:HM7jHiFhis7Ah9CB/zshN

Score

N/A

Malware Config

Signatures

Files

23f1befa89536208933dd2b7b27e4ad513d5988b2e7de6b51129d7c038c3c9f6
.exe windows x86

403d22c08170b118986f8a6c1e98cee0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetSystemWindowsDirectoryW
GlobalReAlloc
SwitchToFiber
GetThreadSelectorEntry
TermsrvAppInstallMode
GetNlsSectionName
SetComputerNameW
GlobalFindAtomW
_lwrite
GetSystemDirectoryW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 129KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE