aff96a8abfb6751b0437e6b101c9db2aa5c8449a15bf939f9afeaa85521143fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aff96a8abfb6751b0437e6b101c9db2aa5c8449a15bf939f9afeaa85521143fc
Size

297KB
MD5

924d7e9a2596b2826cd2ff5312c7fd51
SHA1

fda74056c4445dd1ee8d9f7a9bde735cc31f5a75
SHA256

aff96a8abfb6751b0437e6b101c9db2aa5c8449a15bf939f9afeaa85521143fc
SHA512

5e04c891a60f2e93f7e601f9f23179421be40b549185ad9b0dba0f2c24acdd63aadf54b6416359f62c4dec1d19f859329ef6b40a4ec561d5eeefa3e8fb23a473
SSDEEP

6144:bkN7ow1ywhxbfUcDseMa1MBnso6mQYhm/8kuP:gWCLx4aspa+nsqY8kuP

Score

N/A

Malware Config

Signatures

Files

aff96a8abfb6751b0437e6b101c9db2aa5c8449a15bf939f9afeaa85521143fc
.exe windows x86

f2a4e1a6ade499aa16045faa0548e6fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetStringTypeA
CloseHandle
CloseHandle
VirtualFree
GetCurrentDirectoryW
GetConsoleMode
Sleep
FindNextVolumeW
GetVolumePathNameW
CreateFileMappingA
CreateSemaphoreA
CloseHandle
GetFullPathNameW
FindFirstVolumeW
HeapCreate
ReadConsoleW
GetEnvironmentVariableW
GetModuleHandleA
GetModuleHandleW
CreateFileA
SetVolumeLabelA
CopyFileA

dbghelp

FindFileInPath
ImageRvaToVa
ImageRvaToSection
ImageNtHeader

Sections

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.RES
Size: 292KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE