a81b2fcac8dd9d5849b0850b096fe8d208c4d3f2f20d6385c49f13dfd1f038b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a81b2fcac8dd9d5849b0850b096fe8d208c4d3f2f20d6385c49f13dfd1f038b5
Size

428KB
MD5

0bf5ff2f4cfcfd9a3c6d7a73e2219fb0
SHA1

6dc5951800693a7a5e2fe91709407c2da012658c
SHA256

a81b2fcac8dd9d5849b0850b096fe8d208c4d3f2f20d6385c49f13dfd1f038b5
SHA512

1f6e0cd2518a7954af6b214a990135e4cc500147fea776ca62a0722a88f98faab87429ff4aabcfbfdd82b7c2fcf1bbbbb1ce1079c4877a79c2ddc13ba18ad837
SSDEEP

6144:cO4q+szMKIxfH7Lk4CZzGympQbB1/T5zSkTtDNZKTKj:gq+stIxPnk4ClGymOtvekRD+TW

Score

N/A

Malware Config

Signatures

Files

a81b2fcac8dd9d5849b0850b096fe8d208c4d3f2f20d6385c49f13dfd1f038b5
.exe windows x86

f67fb1254482aa202c1584e11bd19dac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetLengthSid
InitializeSid
DeleteAce

user32

GetShellWindow
DefDlgProcA

kernel32

GetCurrentProcessId
GetProcessHeap

Sections

.text
Size: 426KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE