0e47a8496939f33209e4c7666eff7547282faa78cbb2570c8e974034a3795057 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e47a8496939f33209e4c7666eff7547282faa78cbb2570c8e974034a3795057
Size

810KB
MD5

678e159bd94b799d05c0c1c97f16b0b1
SHA1

24b1effd1c4aab90360bfe7b900ac87a052a7070
SHA256

0e47a8496939f33209e4c7666eff7547282faa78cbb2570c8e974034a3795057
SHA512

04a9da1a1da7fa6ddbb235649f656ffcfff8f03a577ff925df7b01fd9c081bd0667e427ab212d31e24dde53b3ee96f107c0c16292330eb3ae6bd03d572ee8b8f
SSDEEP

12288:sEbRFSaLBktQawvULg2j8PyxtXad0Czz86QfA1Hb5scWHHkkMlFFHidL5TruT8Ej:sEJLBktQLvULlYKaRzHsA1HNsGNHu

Score

N/A

Malware Config

Signatures

Files

0e47a8496939f33209e4c7666eff7547282faa78cbb2570c8e974034a3795057
.exe windows x86

176fe75834870c115083b7a16e763078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
SetCurrentDirectoryW
GetModuleHandleA
GetStringTypeA
GetLogicalDrives
GetLogicalDriveStringsW
GetLogicalDrives
GetModuleHandleW
GetLogicalDrives
GetFileAttributesA
GetStdHandle
CreateEventA
GetLogicalDrives
OpenMutexW
GetTickCount
lstrcpyW

riched20

RichEdit10ANSIWndProc
IID_ITextHost
IID_IRichEditOle
RichEditANSIWndProc

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.kdata
Size: 801KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ