70ab2a4a2a7addecae4ec36561c016334292b0c1c01c99e6189cf1ec808bae71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70ab2a4a2a7addecae4ec36561c016334292b0c1c01c99e6189cf1ec808bae71
Size

435KB
MD5

64aea77e1943e77f2bfef64198d93a90
SHA1

4ee0cc890030ea568c72ec8bfa17e73983067e35
SHA256

70ab2a4a2a7addecae4ec36561c016334292b0c1c01c99e6189cf1ec808bae71
SHA512

3727cd4c8915c6e622d253da7b8abb1a710a993669ff66d8152ea74295df242899f37094c5fdacbc5d957ddc9ecfff2574af13a3e2b07319735512ce16458ce3
SSDEEP

12288:QjMWNn7tiiAmLYL94BlaJihR5oFVn7h27S:cH7cmMxaltNqhwS

Score

N/A

Malware Config

Signatures

Files

70ab2a4a2a7addecae4ec36561c016334292b0c1c01c99e6189cf1ec808bae71
.exe windows x86

bdcc4ed056812a7863cf79af353d80cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcW
GetInputState

ntdll

RtlUpcaseUnicodeStringToCountedOemString
ZwTerminateThread
ZwQueryMultipleValueKey

kernel32

GetUserDefaultLangID
GetSystemDefaultLangID

Sections

.text
Size: 433KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE