ba46b0fa3c4d6cd8518c5b7748cab71204161c3b23ad5542ece686d993d89b62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba46b0fa3c4d6cd8518c5b7748cab71204161c3b23ad5542ece686d993d89b62
Size

830KB
MD5

1299acdec156da131b908909d43cc0a0
SHA1

bb528601c43cb005229b399f5f4b9d830c302516
SHA256

ba46b0fa3c4d6cd8518c5b7748cab71204161c3b23ad5542ece686d993d89b62
SHA512

d5390b29efe017a240469c3f624f1927ad148891e15f0b7c2b314ba81785b35fc323389c8f5715f2fc6467649f873bea3d1cc0b8eb6a64068ad9149ecdb5bdfa
SSDEEP

24576:PIC2KMbWU1US+4gFq2RBRq6n2KdexbUntj5R2r:QKDv4gFO69AxQt98

Score

N/A

Malware Config

Signatures

Files

ba46b0fa3c4d6cd8518c5b7748cab71204161c3b23ad5542ece686d993d89b62
.exe windows x86

c13cd6e00fad617f6e90fabd19d04560

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
SetEvent
GetTickCount
GetCommandLineA
EnumResourceNamesA
GetCurrentProcess
LeaveCriticalSection
WaitForSingleObject
GetDiskFreeSpaceA
HeapCreate
GetLocaleInfoW
GetConsoleTitleA
EnumCalendarInfoA
GetModuleHandleA
MoveFileExA
CompareStringA
FindNextFileW

esent

JetTerm
JetTruncateLog
JetUpdate
JetStopService

Sections

.text2
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ADATA
Size: 813KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ