c92054332e6795cf73970bb12109343d3b7aefa5e3d48d1b80a93135e308577a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c92054332e6795cf73970bb12109343d3b7aefa5e3d48d1b80a93135e308577a
Size

320KB
MD5

a2ca828b3e0c3f2c92083abb91c38070
SHA1

4f4ea6b0b80c63ac3869768c99782e6921f54827
SHA256

c92054332e6795cf73970bb12109343d3b7aefa5e3d48d1b80a93135e308577a
SHA512

6477392701ecf585f7685e66b7a923e36fb933412da167fecaf7b243a861d6c1d8f4cc545cab66ee51bb272ba800eb56864b2cd1e0c7535e8a84f9970eac9afd
SSDEEP

6144:/s4GYqfPiJH2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:/ak2EB0NxDIBuOFe7/uT

Score

N/A

Malware Config

Signatures

Files

c92054332e6795cf73970bb12109343d3b7aefa5e3d48d1b80a93135e308577a
.exe windows x86

c95bc5e2e0e26fd06e84805d18aaed15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateConsoleScreenBuffer
Process32NextW
lstrlenW
GetConsoleDisplayMode
PrivCopyFileExW
Toolhelp32ReadProcessMemory
lstrcpyA
GenerateConsoleCtrlEvent
GetThreadIOPendingFlag
GetFirmwareEnvironmentVariableW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE