648ca229617583fcd8836feefef8a4fdf73424b92ad0115c6c1560d7bedcb27f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

648ca229617583fcd8836feefef8a4fdf73424b92ad0115c6c1560d7bedcb27f
Size

352KB
MD5

6515ca8cb2ed64d267ee593a7ce5d6c0
SHA1

14281ec57bfd12eaf63970dae2e9252a3ad64f2c
SHA256

648ca229617583fcd8836feefef8a4fdf73424b92ad0115c6c1560d7bedcb27f
SHA512

ebbb2e671e4e74367f9bda688d6bb8782cd41f9e0a5067f80050eccbd0264641e456426ee50615b5b902ed90f053501048af81de4874d1c8025068d64cca927f
SSDEEP

6144:ewSxX6jro3TUK+fp7Nlm4LKlVf7yWoUG0AYpCIA0IV4u879JCJB:xSwjro3TUK+hSVTyWoD0Dc4f9JC

Score

N/A

Malware Config

Signatures

Files

648ca229617583fcd8836feefef8a4fdf73424b92ad0115c6c1560d7bedcb27f
.exe windows x86

d23bd388af428fbabd7c5404be79ddef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memcmp

kernel32

ResetEvent
DeviceIoControl
FreeLibrary
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
LoadLibraryA
CreateFileA
GetEnvironmentVariableA
SetFilePointer
ReleaseMutex
IsValidLocale
IsValidCodePage
GlobalAlloc
GetStdHandle
GetProcessVersion
GetCurrentProcessId
GetMailslotInfo

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ