97d5c20239786cdc66102fdb8575e5a1d8667e63a7af7e8f3fc9e8dee3fc110a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97d5c20239786cdc66102fdb8575e5a1d8667e63a7af7e8f3fc9e8dee3fc110a
Size

438KB
MD5

7cf3f999dbdc73f94786d9d0eb2db3d0
SHA1

91ff7058abf6318d9f203e772d3de45a08d59220
SHA256

97d5c20239786cdc66102fdb8575e5a1d8667e63a7af7e8f3fc9e8dee3fc110a
SHA512

bbcf03396251372571138e8a3e0c5d31d66b039c470f64c493319ccfdd6afce299dbbe0f67ef122b87b818ae076ff0ecee1249f34a3b10592b1f2f2ae2e648a0
SSDEEP

12288:Da42eCd2UcXvwJ8lHrgxubdvSFVlRlnp9:+42L2N2QhveXf

Score

N/A

Malware Config

Signatures

Files

97d5c20239786cdc66102fdb8575e5a1d8667e63a7af7e8f3fc9e8dee3fc110a
.exe windows x86

33689c8c9d144d786e24343d301c9196

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseWindowStation
IsCharUpperW
GetCapture
GetDialogBaseUnits

kernel32

CreateDirectoryExW

ntdll

ZwUnlockVirtualMemory

Sections

.text
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 211B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE