288c670902e78d9f1f848e96780cbc087b9e1d9b49e486aeba52588232944401 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

288c670902e78d9f1f848e96780cbc087b9e1d9b49e486aeba52588232944401
Size

66KB
MD5

a08c67c750a391e53535e2d86003df20
SHA1

edd6ba29bf9406ecea027d9fb1262697be7a5719
SHA256

288c670902e78d9f1f848e96780cbc087b9e1d9b49e486aeba52588232944401
SHA512

e59297f76bb28595fc5701e79f6f66025a980a3b426da7f07b442d17d401943e661165a33f1462fcf186d6e52cf4ebe27e5abf93897471e98102f398d77d6335
SSDEEP

1536:8eCOfK5+TfASGSEr8OcpAuJuuHjXIsnN6/iizqJxxVfBd:Zf8jS5FOcpAluDXN6/iGG1fL

Score

N/A

Malware Config

Signatures

Files

288c670902e78d9f1f848e96780cbc087b9e1d9b49e486aeba52588232944401
.exe windows x86

8a1ed95653111d9236aea443ea396d92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
CopyLZFile
SetTimeZoneInformation
SetEvent
InterlockedPopEntrySList
CreateRemoteThread
LoadResource
SetVolumeMountPointA
SetConsoleCommandHistoryMode
CreateProcessInternalWSecure

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE