56890fd06de139f8a4189f8f390637750b29f692b81c151972a0d235ac03149b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56890fd06de139f8a4189f8f390637750b29f692b81c151972a0d235ac03149b
Size

86KB
MD5

88d95cb811659378644966a919fface3
SHA1

43f8730bc020e5e21072bb462a5298aeca72cd86
SHA256

56890fd06de139f8a4189f8f390637750b29f692b81c151972a0d235ac03149b
SHA512

a52a2efc6da3d3bcd3145283535e8bfa411373aee9b6ff539bcf7394b948ac4d21d15a8c49596354708432e10e14a9035e48db3d691c22589d3f7ffe3884f72f
SSDEEP

1536:jTnqFyqgXCdy4K9LRhJJ1xiSSFS2k+Cncqfk/NGlB5OINdFHsU/edhZKz/U8ZoOf:HDNhJnARFS2LCncqfQI35OINdZ5ekTZ3

Score

N/A

Malware Config

Signatures

Files

56890fd06de139f8a4189f8f390637750b29f692b81c151972a0d235ac03149b
.exe windows x86

36781136d80049829da9a99be62659cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetFileAttributesExW
InterlockedFlushSList
GetVolumeNameForVolumeMountPointA
GetConsoleCommandHistoryA
CreateActCtxA
WritePrivateProfileSectionA
SetMailslotInfo
CreateTapePartition

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE