6b717d70a506276ec983247bd50f5f5d56b41b4b791d2175f9ccd7227b863b3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b717d70a506276ec983247bd50f5f5d56b41b4b791d2175f9ccd7227b863b3b
Size

56KB
MD5

6be20450b52b05e174fe0ea82bddbfc0
SHA1

e91b42f973e46c1f5f6269d9c9f40c50602d06d0
SHA256

6b717d70a506276ec983247bd50f5f5d56b41b4b791d2175f9ccd7227b863b3b
SHA512

e3f5547ecade164c195f6dac7aa992cc0342e4080390b3afca3dab49bb5590676594951014363e05dd2aaa5b2e534d6cbc461afc8d95e585f5bb1dfb0b71aa58
SSDEEP

1536:4hJehajrPd8eOK+UhgBgD80ig6/HjTtJgOfXt:2QQrP+bK+Uhg6OPjrgUXt

Score

N/A

Malware Config

Signatures

Files

6b717d70a506276ec983247bd50f5f5d56b41b4b791d2175f9ccd7227b863b3b
.exe windows x86

69c1e66a5f8910d89c21efaec44519a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
Module32First
GlobalFindAtomA
GetProcessId
EncodeSystemPointer
IsDBCSLeadByte
RemoveDirectoryA
VDMConsoleOperation
RegisterWaitForInputIdle
AllocateUserPhysicalPages
ReleaseActCtx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE