f54d34a4d8ece6d77ee7f97834ba3774ec6c5569a3ca045f0878c2373ccd1f65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f54d34a4d8ece6d77ee7f97834ba3774ec6c5569a3ca045f0878c2373ccd1f65
Size

341KB
MD5

0cfb3457235015d1d912479f724a736e
SHA1

dff864962ccede8c359fe4e56766f7311438e80b
SHA256

f54d34a4d8ece6d77ee7f97834ba3774ec6c5569a3ca045f0878c2373ccd1f65
SHA512

58ede378a89ad4b4f3fe404a5309b10956689064bbb0bc265133a7d82a5b1ce3517104ac91fc7b071fd4309f93b398ac5b1bc1f766dbde4010e624ea5e9120a9
SSDEEP

6144:CknAHrO+MLJMMb4ojWGgMg8G8GalOrRUAtJkih6:C/O+M9ruMg874Rdkb

Score

10^/10

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
sample	Nirsoft

NirSoft WebBrowserPassView 1 IoCs

Password recovery tool for various web browsers

resource	yara_rule
sample	WebBrowserPassView

Files

f54d34a4d8ece6d77ee7f97834ba3774ec6c5569a3ca045f0878c2373ccd1f65
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 143B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ