0ab65d76f17742267623536e65025248faaad1cb52c47dfb537c6ef7d1671c53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ab65d76f17742267623536e65025248faaad1cb52c47dfb537c6ef7d1671c53
Size

474KB
MD5

92ee50442fc1c0295b5aff9b9c868530
SHA1

7072bba93e3e232e9319ec6cb35536bbb328c835
SHA256

0ab65d76f17742267623536e65025248faaad1cb52c47dfb537c6ef7d1671c53
SHA512

1c2b179292a3f3fb73a7af2d5fee143857732e52c898a58196838704bc744d99b7bfe647fa0ee9ec0f89b226f2a166b5e2baa85641d5438eac3d74cfcca26a2d
SSDEEP

6144:C2czfaAGNBZ/wguJpVopIM/eiG3cE9bAxsfW7qz1jC84PXJcKK8dz5CnezFOHP92:rkfaajJ7oaz33O6euNC8+Zwp56

Score

N/A

Malware Config

Signatures

Files

0ab65d76f17742267623536e65025248faaad1cb52c47dfb537c6ef7d1671c53
.exe windows x86

e182be1cf450e2aed8c2f4c5045f11c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalWire
GlobalDeleteAtom
BaseCleanupAppcompatCacheSupport
AddAtomW
RtlCaptureStackBackTrace
IsBadWritePtr
InterlockedDecrement
FindActCtxSectionGuid
WaitForSingleObject
ReplaceFileA
FillConsoleOutputCharacterA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE