16d7648ecd54eec2abf95a090a857c5984ed7b6617e503ec00c5f2deb169a01d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d7648ecd54eec2abf95a090a857c5984ed7b6617e503ec00c5f2deb169a01d
Size

63KB
MD5

6e86d067668ad2faf75da9f48624d390
SHA1

a1bfa83a6c3fd95b977f16142b1e94459c2fdf75
SHA256

16d7648ecd54eec2abf95a090a857c5984ed7b6617e503ec00c5f2deb169a01d
SHA512

c11ffddc799b8159fd06cdc58dafe222fd0b6be83c1b962bdef7602c76bbac5b3df4aec5cf1c0438948d1a2839f7e76bd0452175329ce776d5e2677fa0058106
SSDEEP

1536:Or+BM9zhsEXDTABmWoDv6/EFqZTh45cKQ+43k+4v/JH:OyBM99TABuohh4+f+bH

Score

N/A

Malware Config

Signatures

Files

16d7648ecd54eec2abf95a090a857c5984ed7b6617e503ec00c5f2deb169a01d
.exe windows x86

ff932a63279b1200938b4241f0102501

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetStartupInfoW
GetConsoleProcessList
BaseDumpAppcompatCache
GlobalMemoryStatusEx
AddAtomA
GetThreadLocale
GetExitCodeProcess
IsWow64Process
GetSystemDefaultUILanguage
SetupComm

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE