ecfde16560df18b83ea212d7bcd102f363f7cee6fd8b90547284b49c309152eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ecfde16560df18b83ea212d7bcd102f363f7cee6fd8b90547284b49c309152eb
Size

301KB
MD5

5ad4f4ff09865091f1541c5f04c11d70
SHA1

33d4967692a12c7476494673b62508eb593b6cfe
SHA256

ecfde16560df18b83ea212d7bcd102f363f7cee6fd8b90547284b49c309152eb
SHA512

da94ea835b517454d15db4f97987140dc0dabbfe7b62bb15e442fdc3d09213d45e0a525e0acc7f559fe10275ef68c122b63ef8af8fa2a6f120a82ed76ec969cf
SSDEEP

6144:uz92eiyy0sXkIt793duK8hJdX6Iwy1iXQ72VQ:0piyKntB3nSX621iXQ7X

Score

N/A

Malware Config

Signatures

Files

ecfde16560df18b83ea212d7bcd102f363f7cee6fd8b90547284b49c309152eb
.exe windows x86

59bc682d2b81629ce5e3f93112a26258

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
HeapCreate
WaitForMultipleObjects
GetEnvironmentVariableW
CreateSemaphoreA
GetConsoleMode
CloseHandle
GetFullPathNameW
OpenMutexW
FindNextVolumeW
CopyFileA
Sleep
GetFullPathNameW
GetVolumePathNameW
VirtualFree
GetModuleHandleA
ReadConsoleA
GetModuleHandleW
GetStringTypeA
FindFirstVolumeW
GetCurrentDirectoryA
CloseHandle
SetVolumeLabelA

dbghelp

ImageRvaToSection
ImageNtHeader
ImageRvaToVa
FindFileInPath

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.RES
Size: 292KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE