cf9faeba6761a3a440934aa6efe03437bb8dcf1e39ff0c57b37c4065cc6bcffd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf9faeba6761a3a440934aa6efe03437bb8dcf1e39ff0c57b37c4065cc6bcffd
Size

23KB
MD5

6f1fcb858d81697cc4a70cd007558eb0
SHA1

e14bdfcfc2821eb2e5807fb5e40e26b7eac64aab
SHA256

cf9faeba6761a3a440934aa6efe03437bb8dcf1e39ff0c57b37c4065cc6bcffd
SHA512

8f4e77aee00e170ccf71205fa71dfad9f331b4f3dfce1e7c83981167b670ccb01601c388b1563edc0134bd641b1572619dd1804673d3614d0cf2a9f6bb7a3754
SSDEEP

384:8d0tGpoWIOfst4Wh6Zv1lBTpPa4kRPIN7mZtY1fkmIHPWWJJbGWW:GbU4WhGv1ltHkRPejk9

Score

N/A

Malware Config

Signatures

Files

cf9faeba6761a3a440934aa6efe03437bb8dcf1e39ff0c57b37c4065cc6bcffd
.dll windows x86

2cba55b790a13c411ade155580ffb4b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_chkstk
LdrDisableThreadCalloutsForDll
NtTerminateProcess
RtlUnhandledExceptionFilter
RtlAllocateHeap
RtlFreeHeap
NtQueryInformationFile
NtSetInformationFile
RtlLeaveCriticalSection
memmove
RtlEnterCriticalSection
RtlCreateHeap
NtQuerySystemInformation
NtOpenSection
RtlDeleteElementGenericTable
RtlEnumerateGenericTable
RtlInsertElementGenericTable
RtlInitializeGenericTable
RtlLookupElementGenericTable
NtReadFile
NtWaitForSingleObject
RtlDosPathNameToNtPathName_U
NtCreateFile
NtMapViewOfSection
NtClose
memcpy
NtOpenEvent
memset
NtSetEvent

kernel32

OutputDebugStringA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ