317dbfcfe6c2a99d353f3f927107fcbb9543af8d82d5a98a0f67807b0eaf4592 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

317dbfcfe6c2a99d353f3f927107fcbb9543af8d82d5a98a0f67807b0eaf4592
Size

63KB
MD5

80a320397b15f6d874fca42405b49a29
SHA1

00cfeff812f177113c841e20bc77aed04d15e692
SHA256

317dbfcfe6c2a99d353f3f927107fcbb9543af8d82d5a98a0f67807b0eaf4592
SHA512

9ee8c5354d411a482e101b2119ef1ed5cc14e9e5487cd3dcd0827cbdf8529ee50726b5cf3fb2a145ca997804087e7f26f4471c3fbd040c6f0559fa5d309bb8a3
SSDEEP

1536:3hq1Db2ycpjN4tWfqmmDkn8Uj1ePT7y5bSGLXndPBHp:3h0ZcpU4mPLPIbSG7nd7

Score

N/A

Malware Config

Signatures

Files

317dbfcfe6c2a99d353f3f927107fcbb9543af8d82d5a98a0f67807b0eaf4592
.exe windows x86

1ef625098987fff4141f9720ddd56a72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessInternalW
EnumLanguageGroupLocalesW
GetStringTypeExA
RegisterConsoleVDM
InitializeSListHead
FreeVirtualBuffer
SetComputerNameExW
Sleep
UnmapViewOfFile
RtlFillMemory
SetThreadUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE