6e1dd4ff31035013326a5078dc701d4c6758b0e1296ae04a758bc25d25e96038 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e1dd4ff31035013326a5078dc701d4c6758b0e1296ae04a758bc25d25e96038
Size

24KB
MD5

04770d8b9aa6c7b795c877a891d25ba0
SHA1

309da5401cca56b70af80916fc858490b8de2343
SHA256

6e1dd4ff31035013326a5078dc701d4c6758b0e1296ae04a758bc25d25e96038
SHA512

bf892f382a4b94ebfdc4fe527dba148fb06adc9902c82c26bb46d1a21682cd88f5f918fc4dd6117cf28c2283d45b5cd33cd0f0a01431c69b5ca5a985ecefdcfb
SSDEEP

768:QZHwfnZ13kWm1H6Fbav1IoAcsy1LCrNzImYf3ee9K5p3mWXE85P73PKVt6:qOZAUQt/WXVF3i/6

Score

N/A

Malware Config

Signatures

Files

6e1dd4ff31035013326a5078dc701d4c6758b0e1296ae04a758bc25d25e96038
.exe windows x86

b0151e6fc0b47767328f894fe2d98f25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
DebugActiveProcess
GetNamedPipeInfo
lstrcmpiW
GetModuleFileNameW
GetComPlusPackageInstallStatus
RegisterWaitForSingleObject
SetConsoleFont
ExitVDM
WritePrivateProfileSectionA
SetConsoleKeyShortcuts

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE