dad6acb1d2cb67135b9b442643086c01af5ef320d6db40c0f4913ba3d3b3e4f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dad6acb1d2cb67135b9b442643086c01af5ef320d6db40c0f4913ba3d3b3e4f6
Size

70KB
MD5

7a264ab1a2ae5842411d8eca27142743
SHA1

73150e0d4630292d99f13e4cb88b64bda3e4fa31
SHA256

dad6acb1d2cb67135b9b442643086c01af5ef320d6db40c0f4913ba3d3b3e4f6
SHA512

04434aefb30c72872ea35132abad3c3802d604acf0a5ab90cd2612404453c9e185d5cbcfe532db08146816d99b4748c608626f944583bc93e89cc044a0b6ed09
SSDEEP

1536:TReAmgK832FPQZrKRtBdCbQEelQLBCFHzz83CAKepf:A+32FY1KR1C98FHzz6CQ

Score

N/A

Malware Config

Signatures

Files

dad6acb1d2cb67135b9b442643086c01af5ef320d6db40c0f4913ba3d3b3e4f6
.exe windows x86

f9248416c2c985a8dd36e9be87a53d87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
VirtualAlloc
lstrcpyW
lstrcpyW
TlsAlloc
GetNumberFormatA
lstrlenW
lstrcpyW
FindNextVolumeW
CreateEventA
GetFullPathNameA
GetStartupInfoW
lstrcpyW
GetCurrentProcess
TlsAlloc
DeleteFileA
TlsGetValue
SetCurrentDirectoryA
lstrcpyW
SetConsoleTitleA
GetModuleHandleA
GetModuleFileNameW
GetPrivateProfileIntA

untfs

FormatEx
Format
Chkdsk
??0NTFS_BOOT_FILE@@QAE@XZ

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ORPC
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ