8636d59d483067381614012b1631c0b481365e185db5ec6b9060870d52a7bad7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8636d59d483067381614012b1631c0b481365e185db5ec6b9060870d52a7bad7
Size

104KB
MD5

08df21a6edf397d376dd16458542eda6
SHA1

b0b276646bce874ce8cbd4558821b344318a331b
SHA256

8636d59d483067381614012b1631c0b481365e185db5ec6b9060870d52a7bad7
SHA512

35b051af3a94fa07d67342def634756217fcf3a7960d611390ba2ed7fd4fd8149080954bebaaae924e8b173ccb973a0fc95c95b754f9fc2de1dd873c9ba8c91e
SSDEEP

3072:sjmKvankgQjvZ+NSzFN8HcREQZ6gxnQDZ8joET0F:emGankg8+NSzFN8HhZ9Oi

Score

N/A

Malware Config

Signatures

Files

8636d59d483067381614012b1631c0b481365e185db5ec6b9060870d52a7bad7
.exe windows x86

95b23c1fdca38d8a78b5fb7570d45a1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
WaitForSingleObjectEx
VirtualAlloc
GetNumberOfConsoleInputEvents
GetCommMask
CreateFileMappingW
GlobalDeleteAtom
RemoveLocalAlternateComputerNameA
SwitchToThread
LZInit
CmdBatNotification

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE