21e7c39055f7479c55d04babcd669c1d1dbf6d3693af3dd80b37c4c804638102 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21e7c39055f7479c55d04babcd669c1d1dbf6d3693af3dd80b37c4c804638102
Size

73KB
MD5

929a959691a85303fcb241651b3799f7
SHA1

6b859bacddb2df3831624cf3b275a2c1ebc26eca
SHA256

21e7c39055f7479c55d04babcd669c1d1dbf6d3693af3dd80b37c4c804638102
SHA512

109a2539d249caa02aa878402405a70bc46091b3d0d8a78b7393f3c78d8e17da623d029869318ecbaa9f95b4c28d3b5ee96bc6350e07ccdcc784153ff29dd90a
SSDEEP

1536:EAyaThO4D8JvYEVJNctDpRSVS8MhfLFFE8S4ZeRqc4tYVbEdZ0q1KnNul:EV2kNowVl6zFFEypc4tUEdl40l

Score

N/A

Malware Config

Signatures

Files

21e7c39055f7479c55d04babcd669c1d1dbf6d3693af3dd80b37c4c804638102
.exe windows x86

a9b3a143ee1af1bdab88e1322d16be1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastConsoleEventActive
VirtualAlloc
GetCommandLineW
GetProcessAffinityMask
EnumSystemCodePagesW
TermsrvAppInstallMode
GetCompressedFileSizeA
GetProcessShutdownParameters
CreateTimerQueueTimer
FindNextChangeNotification

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 58KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE