9fb640499f222be64ba0a006d2f17963e5526e7e24fcb3efaa194c6dcf766b99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fb640499f222be64ba0a006d2f17963e5526e7e24fcb3efaa194c6dcf766b99
Size

83KB
MD5

925f182b50a8c47247b2acd4f86a3de0
SHA1

ad88a19e20ac584d9ddafdc6116150f810c25ba2
SHA256

9fb640499f222be64ba0a006d2f17963e5526e7e24fcb3efaa194c6dcf766b99
SHA512

cd7ef9da47267bc4b4771b923830d914e46694d796d7f003f084007278367800b6a9336f4a006395580c360e396c05698d601341ae663b35f5fe9f836aba6e0e
SSDEEP

1536:hPrK0B3nD1nQ6yPSlUUWEBEeJH9IqhphizyHs6ZpjVrs2ryrd1vUQuqHGm:e0PtBqy5ZHs2qlG

Score

N/A

Malware Config

Signatures

Files

9fb640499f222be64ba0a006d2f17963e5526e7e24fcb3efaa194c6dcf766b99
.exe windows x86

befb396e788ff1aa45e0f10780cc32be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitNamedPipeW
GetTempFileNameA
GlobalDeleteAtom
WaitNamedPipeA
UnregisterWait
ExpandEnvironmentStringsW
VirtualProtect
FindVolumeClose
CloseHandle
GetVolumePathNameW
VirtualLock
CopyFileW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE