6481fc4e58da6e93637a77222a9fff5d57cac5a62ceaa5e0a68c369e7ee07f91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6481fc4e58da6e93637a77222a9fff5d57cac5a62ceaa5e0a68c369e7ee07f91
Size

883KB
MD5

114068218f347bfd1b8266d462d48ef1
SHA1

072299aec3660553d9b6a0373033a6019cf54b1c
SHA256

6481fc4e58da6e93637a77222a9fff5d57cac5a62ceaa5e0a68c369e7ee07f91
SHA512

49867cccc8d222b0e7f06dd3dc8137e5deda8abc2195081edb0781f193b50663b8587a2b32435bcf2b6e6709a020af1f76db466d88e7dc3db641c7a0e6f5bfe5
SSDEEP

24576:VF3S9D2wFEPphGquWTy7L4h+W5jG6ofA8vo+hPv:v5w6rGPWuLyBQvfHvF

Score

N/A

Malware Config

Signatures

Files

6481fc4e58da6e93637a77222a9fff5d57cac5a62ceaa5e0a68c369e7ee07f91
.exe windows x86

dbf0b335b6b339f12f63b3f6082141b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetGeoInfoW
GetGeoInfoW
OpenEventW
GetCurrentProcessId
ResetEvent
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleA
GetFileAttributesW
GetCalendarInfoA
lstrcatA
Heap32Next
VirtualProtectEx
GetGeoInfoW
GetGeoInfoW
CreateMutexA

wmvcore

WMCreateReader
WMCreateEditor
WMIsContentProtected
WMCreateWriter

Sections

.text
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 868KB - Virtual size: 2.2MB

IMAGE_SCN_MEM_READ