4e3343706bca2218f830b763a581effe24c2f21bcfb052449922403682c8010c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e3343706bca2218f830b763a581effe24c2f21bcfb052449922403682c8010c
Size

30KB
MD5

2921489a2c25e4218c7e07f3a3e7dd80
SHA1

a543866dfdd84f5897e385285e49c5b4ce85fd7b
SHA256

4e3343706bca2218f830b763a581effe24c2f21bcfb052449922403682c8010c
SHA512

c50c74fa0f3df12900ab0412254da77f3b391b579c51f05281c747e38ad03c0e3c05182220db2fa96863a97ad4478d6d50102742cf73fbed80bd9c4c4186fff9
SSDEEP

768:Hog2DiADGTO6GQWjp9DGjHGjlDaqfpA9+xATIaPi0wXf9D0LflxbilPb+r:HmihWVQYAXvMfCfHgjo

Score

N/A

Malware Config

Signatures

Files

4e3343706bca2218f830b763a581effe24c2f21bcfb052449922403682c8010c
.exe windows x86

3af269fa528133c5d41777ad28f54ffa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
SetVolumeLabelA
HeapValidate
AddAtomW
GetProcessHeap
BaseAttachCompleteThunk
CreateProcessW
HeapCreateTagsW
FillConsoleOutputAttribute
LocalFlags
SetComputerNameExW
DnsHostnameToComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 133KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE