971b71fbf36b0c0cb6f649c26e09a0f93d7cc9487dc98f98cad71d154aadc1b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

971b71fbf36b0c0cb6f649c26e09a0f93d7cc9487dc98f98cad71d154aadc1b9
Size

15KB
MD5

0a5f0ed8a1bcc0d8e0741261a3f6c0ee
SHA1

e10beba887cbd20da82a4778b3309bf28e383e32
SHA256

971b71fbf36b0c0cb6f649c26e09a0f93d7cc9487dc98f98cad71d154aadc1b9
SHA512

acd4dd5a27644803a0cf99d27f8b0a24a664c9bc0fef3df11e8e66a7411bb0fae6e2b7b4fcf84f69468e08bfb003bb18b8e71757e615c6b8d13f47a170fc4c1b
SSDEEP

384:cQnAAAJOWIraRxM0y2Ltg6DcsjSMtoqyOR:cQnAAAsWkmxMgtg6DbjoGR

Score

N/A

Malware Config

Signatures

Files

971b71fbf36b0c0cb6f649c26e09a0f93d7cc9487dc98f98cad71d154aadc1b9
.exe windows x86

a4f5918513d86c4f2841447cf0ef5d5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetNumaAvailableMemoryNode
VirtualFreeEx
IsWow64Process
GetCurrencyFormatW
ReadConsoleOutputW
Process32Next
CompareFileTime
GetNumaAvailableMemoryNode
FindActCtxSectionGuid
GetTempPathW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE