6e491e24017ff47f344d3843a086a3d3222e8dc1b4a5b02ed675e15c7a138381 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e491e24017ff47f344d3843a086a3d3222e8dc1b4a5b02ed675e15c7a138381
Size

56KB
MD5

caf29a289ad929bc05239470a9b71395
SHA1

a25bb6b8ea6405f38cfb918a52e9ca6f9b129d30
SHA256

6e491e24017ff47f344d3843a086a3d3222e8dc1b4a5b02ed675e15c7a138381
SHA512

756ae03afd0e8e922ae76c6c597f7633b614af76e8550b7fa59f2ed4a7b085b0ff29bd04f6cbcbc159334885c2888343d5d853f766405cbe9d2863fc0297b3ff
SSDEEP

768:s00ztDYzBcXavtcCSNeANv019iBrEJzrHgJDkyH2URlRAmN7AoD2tK6bnZ1zQtDT:s1Fzv3EtUFH2aXkRTZ1kCBBpXm

Score

N/A

Malware Config

Signatures

Files

6e491e24017ff47f344d3843a086a3d3222e8dc1b4a5b02ed675e15c7a138381
.exe windows x86

65a22d063fcd92a308a077e60b0479b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileApisToOEM
SetLocalTime
ReplaceFileW
EnumSystemLanguageGroupsW
BeginUpdateResourceA
SetHandleInformation
GetVolumeNameForVolumeMountPointW
ResetEvent
FoldStringA
AllocateUserPhysicalPages

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE