f73afc049725397d76c76426696e0ea97c36821f42688689ad288463f17d19e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f73afc049725397d76c76426696e0ea97c36821f42688689ad288463f17d19e9
Size

415KB
MD5

0bb8f3ae194426f14e76136a38001848
SHA1

9603d9d0c2ecd590968e7ed88d47e86828d75429
SHA256

f73afc049725397d76c76426696e0ea97c36821f42688689ad288463f17d19e9
SHA512

320134db7044e52eb60567171cd5a59717bf8d8207308f26b490f58b9eb6d4f2196a36bff0f877f1023502c240ed63f68efe991a55ee814b8d6705514a845ed7
SSDEEP

12288:osuh+d5HFndt4lljgJ//E2ZrZFim5IiGY6U95p:o+4lVIZFim+iQUn

Score

N/A

Malware Config

Signatures

Files

f73afc049725397d76c76426696e0ea97c36821f42688689ad288463f17d19e9
.exe windows x86

586f855c68172045e2a78c9dfac03c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
VirtualQueryEx
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
FindResourceA
ConnectNamedPipe
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
WriteConsoleOutputA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
FlushConsoleInputBuffer
GetSystemTimeAdjustment
GetFileAttributesExW
InterlockedExchange
RtlUnwind
GetCurrencyFormatW
QueryPerformanceCounter
VirtualQuery
LoadLibraryA
GetLogicalDriveStringsA
CreateProcessW
GetLongPathNameW
GetProcessShutdownParameters
ExitProcess
GetTickCount
lstrcatA

gdi32

SetViewportOrgEx
GetTextCharset
PolyPolyline

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ