861da243804487b4047cf04a70bb09cdf4681fd02fb24485ce27a532c6d2e6f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

861da243804487b4047cf04a70bb09cdf4681fd02fb24485ce27a532c6d2e6f2
Size

56KB
MD5

ac3c716da210d9b261c3a26f9e85a67b
SHA1

74555217e2b372fc2cd387a1a193b17caffbed81
SHA256

861da243804487b4047cf04a70bb09cdf4681fd02fb24485ce27a532c6d2e6f2
SHA512

19141757e189879dc8d142c24e582291e04ea2bb61db8d57bb0f285cc0e05318f2fb6d01d98101193c96291f8a880697fd3b687d43ae80b644d4ca36e11a40ea
SSDEEP

1536:3WQ2KNbyujwirpFnRPCPKbBMtERM+mQWGcQe:3WQ2YbbjwirdEAMt0M+tW9

Score

N/A

Malware Config

Signatures

Files

861da243804487b4047cf04a70bb09cdf4681fd02fb24485ce27a532c6d2e6f2
.exe windows x86

25c0295954f680f1b6898ff1555e32f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntW
GetNumaProcessorMap
InterlockedIncrement
TlsAlloc
InvalidateConsoleDIBits
GetVersionExW
DebugActiveProcessStop
GetExpandedNameA
SetCommConfig
CreateDirectoryExW
WriteConsoleA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE