2a20a767c6a00c04f8e36b7ec8611ccc574314394696ea0ef229d9d563f49428 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a20a767c6a00c04f8e36b7ec8611ccc574314394696ea0ef229d9d563f49428
Size

76KB
MD5

5948da3331051b92a10bb58c073612dd
SHA1

70ae72618b44f418c3e34d415fc5faf8eba59ac5
SHA256

2a20a767c6a00c04f8e36b7ec8611ccc574314394696ea0ef229d9d563f49428
SHA512

04284e6562ab974657c73fd921d88f1db23b5f3ff771fcd89be023b531137856bc1f6ee7565bc4c186e3b13a09866fe7f6e68e268b70ddb3985709cfe42b57cd
SSDEEP

1536:TDqc75jBF35gajRK8gBEzMR6ifgvi/+gBNtuWM5BhOJEqCNAZ5roNIoZk+Q3/08P:1UrVJ4shrSp9BMGx3djBkMqhGKZTbx

Score

N/A

Malware Config

Signatures

Files

2a20a767c6a00c04f8e36b7ec8611ccc574314394696ea0ef229d9d563f49428
.exe windows x86

99b8f5b59627b83f109d6aeebc495b6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertFiberToThread
lstrcmpW
PrivCopyFileExW
GetProcessPriorityBoost
GetConsoleWindow
GetProcAddress
GetFileAttributesExA
WritePrivateProfileStringW
EnumDateFormatsA
GetEnvironmentStrings

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE