246bb7eaa67433e493d340837a783e4bb9529f663a5169f26a0a90d3a3aed7b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

246bb7eaa67433e493d340837a783e4bb9529f663a5169f26a0a90d3a3aed7b2
Size

63KB
MD5

036604f9e7aa850baa99ec5565d0e354
SHA1

1d9476c0df7e6c44bea0853e647b553f74b892dc
SHA256

246bb7eaa67433e493d340837a783e4bb9529f663a5169f26a0a90d3a3aed7b2
SHA512

ee1299bcf2d2c8ea7eea7e3953b18f50845987ba59ac6ba8494d868d487d51379b3a58c97e338b4ed4f9f95b7876f6e61d06794e8a5b0a7040f37c67d052e97f
SSDEEP

1536:+OK4jgcglVd3Oh2BnXn9WorOKe8pNh5q9+5hiFu:M4jdQJOh2BXcoyKe8R5M+5hIu

Score

N/A

Malware Config

Signatures

Files

246bb7eaa67433e493d340837a783e4bb9529f663a5169f26a0a90d3a3aed7b2
.exe windows x86

c60b634d3c60b49e9289076f21e5aec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionGuid
_lclose
GetNumaAvailableMemory
WriteConsoleInputVDMA
FindResourceExW
_hwrite
lstrcpy
GlobalGetAtomNameW
SetProcessAffinityMask
GetConsoleAliasesA
InterlockedExchange

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE