c4b1600a229b27709a82d0dd94b8261f6334b557f8d88813b31813ca7387f8cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4b1600a229b27709a82d0dd94b8261f6334b557f8d88813b31813ca7387f8cb
Size

830KB
MD5

089fb0243d28f7c5924a3caa2a3c67a6
SHA1

386487005bf330f5544125c1866d856f57791981
SHA256

c4b1600a229b27709a82d0dd94b8261f6334b557f8d88813b31813ca7387f8cb
SHA512

50c49ff4bebd99cc0fe564648899af01cb44e7dc236e12f65650b04e36d8c16140ca1597acf998cba7eb05bb8593b90359dc149d3538e13469e18bb18f567192
SSDEEP

12288:EJWRPjT+Wv4VccSM8HRk1YQLMiYkCDi+ki2f1aDcS+1TqtEHq0f88zGfWK2B9zJT:EJmbiad2nLMUvv1aDeq0jDzj7zJ14pQ

Score

N/A

Malware Config

Signatures

Files

c4b1600a229b27709a82d0dd94b8261f6334b557f8d88813b31813ca7387f8cb
.exe windows x86

5c1764ee9d77f8e958e78cd0a4227ec0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetConsoleAliasA
GetDiskFreeSpaceA
CreateEventA
GetCurrentProcess
GetLocaleInfoW
GetFullPathNameA
GetCommandLineA
HeapCreate
GetModuleHandleA
OpenMutexA
MoveFileExA
EnumCalendarInfoW
WaitForSingleObject
GetStdHandle
ResumeThread
CreateSemaphoreW
CompareStringW

hnetcfg

HNetFreeSharingServicesPage
HNetDeleteRasConnection
HNetGetSharingServicesPage
HNetGetFirewallSettingsPage

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_WRITE

.adata
Size: 813KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ