ef53f308acab52d0c2df0db67d460435f8fb042e3d68ea8449e9408ecaae60f0

General

Target

ef53f308acab52d0c2df0db67d460435f8fb042e3d68ea8449e9408ecaae60f0
Size

138KB
MD5

64832eb183de097d6178fa2a1180f8b9
SHA1

11748f1d0e21f3df3d4a434e61dea85387946a59
SHA256

ef53f308acab52d0c2df0db67d460435f8fb042e3d68ea8449e9408ecaae60f0
SHA512

0064fa59b5874f71882f5a6b41d511ba6237221932ef39d9abe14ce0def7bc16b24338befa1c39d61b3c172e1d7bdc4235abff9ac1f1d64cb9c0b5e58776f79a
SSDEEP

3072:T571ptN2+UKaehNyaWTBmtL2t+4pMGdbgkE:p1pe9RehNyvB9KGdH

Score

N/A

ef53f308acab52d0c2df0db67d460435f8fb042e3d68ea8449e9408ecaae60f0
.msg
- http://wellsfargo.com
WF_Docs_jim.jackson.zip
.zip
WF_Docs_6082013.exe
.exe windows x86

521c510f936114d63d5e8cdcce67b346

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextVolumeA
CreateSemaphoreA
lstrcmpW
GetConsoleMode
CloseHandle
ReadConsoleA
GetVolumePathNameW
GetStringTypeA
ReleaseSemaphore
FindFirstVolumeA
WaitForMultipleObjects
GetFullPathNameA
HeapCreate
GetFullPathNameA
GetCurrentDirectoryA
GetEnvironmentVariableW
OpenMutexW
CloseHandle
CloseHandle
GetModuleHandleA
GetDiskFreeSpaceW
GetFileAttributesW
GetModuleHandleW

dbghelp

ImageRvaToSection
ImageNtHeader
ImageRvaToVa
FindFileInPath

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.res
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE