0a11f128e9d75462a578ca1976b5a7c0f639c376193bd7c6fe5dd5b2e9159161 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a11f128e9d75462a578ca1976b5a7c0f639c376193bd7c6fe5dd5b2e9159161
Size

56KB
MD5

073ef75e257ffedd842c54344b4b023c
SHA1

09ae4afa968b1760ecdee9c0756102cd51fdd545
SHA256

0a11f128e9d75462a578ca1976b5a7c0f639c376193bd7c6fe5dd5b2e9159161
SHA512

ca3b1d226b1777ad6b5ece0d58de7d190f9109aa1fd85ff79076e9cc0307e68bf3cfabdae11515c75d0cb1e7b9e6df9f44f90aaf7bfc959394e0269b13046b5a
SSDEEP

768:PoJevlUFdcWism7gO638p3YYxHh5UfeyDVQX6iaGLrKaEcV/VHO3OqjGnvv+cKTC:gJG5P63Ho8DVQKidPVEWu3bjeOcBI/kv

Score

N/A

Malware Config

Signatures

Files

0a11f128e9d75462a578ca1976b5a7c0f639c376193bd7c6fe5dd5b2e9159161
.exe windows x86

28c3b2b00210000d70610908f4ebb440

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDosDeviceA
GetSystemWindowsDirectoryA
LCMapStringW
GetSystemWindowsDirectoryW
FindFirstVolumeMountPointA
HeapWalk
WritePrivateProfileStructA
Heap32ListFirst
RtlMoveMemory
CreateFileMappingW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE