92209b5e30a67fb4b789a4ebe2fe0ea9af42055900020121a4e68edaf0a83634 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92209b5e30a67fb4b789a4ebe2fe0ea9af42055900020121a4e68edaf0a83634
Size

56KB
MD5

0d42c01cd8b3d11a41eeab241bab8002
SHA1

56e573c6c49563dc1d25660159cdb4884336b421
SHA256

92209b5e30a67fb4b789a4ebe2fe0ea9af42055900020121a4e68edaf0a83634
SHA512

ed6be64c234480ac72165af5acfc75082a541467d778d06dbfbf281ae001cdfab3964f941b83c4393a1b83687d9bc937de97fa3a6d944415d4c15186417d1342
SSDEEP

1536:wIw5kdAlmHp9Elh4tsRgCmuDyRJK1Vfyc7jOG:+oPHLEFkKX

Score

N/A

Malware Config

Signatures

Files

92209b5e30a67fb4b789a4ebe2fe0ea9af42055900020121a4e68edaf0a83634
.exe windows x86

66411d8627c0b31c615accf5b21c141f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LZCloseFile
Process32First
RtlMoveMemory
ReplaceFileW
CloseHandle
CallNamedPipeW
GetCurrentDirectoryA
ReadFile
FreeResource
SetProcessPriorityBoost
DeactivateActCtx
EnumTimeFormatsA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE