95d90ea68379fb51626132c6d23a27909333db2d573c2101d98897aef0b6edc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95d90ea68379fb51626132c6d23a27909333db2d573c2101d98897aef0b6edc4
Size

83KB
MD5

023481478b990c2d71b53c2a787602a0
SHA1

83095a29d5aca061414200c09ed825f397a87a19
SHA256

95d90ea68379fb51626132c6d23a27909333db2d573c2101d98897aef0b6edc4
SHA512

74c5e4d63bf9fb0dc851764b1783d152db4222a0d7e59e1285d673c4b40f814a41ff31aee7ee36cd8c162dd4cf1acae2c83288a1ab59ed65ac9cbd8ca68a183b
SSDEEP

1536:yCygyN9AbIsujn04gcE/uHkG8ApjVrs2ryrd1vUQuqPj:GGhujn04gZY8AHs2q1

Score

N/A

Malware Config

Signatures

Files

95d90ea68379fb51626132c6d23a27909333db2d573c2101d98897aef0b6edc4
.exe windows x86

579cc7ef657a35e44bd0530c8e46299d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameExA
lstrcpyn
SetConsoleDisplayMode
CreateNlsSecurityDescriptor
ConvertThreadToFiber
CreateSocketHandle
DeleteFiber
SetFileShortNameW
Process32FirstW
DeactivateActCtx
ReplaceFileW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE