de06a6911e382e25bfd57db8343519255b5387e23904325c3c27d27da0d8e26a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de06a6911e382e25bfd57db8343519255b5387e23904325c3c27d27da0d8e26a
Size

435KB
MD5

27b0ae24490e177ea0123e6ea7e04450
SHA1

6fb5a3b8230fde688cf0d73110d2a3fff5f55667
SHA256

de06a6911e382e25bfd57db8343519255b5387e23904325c3c27d27da0d8e26a
SHA512

c22d9324f1126a862b953d8880eb4ac0c69bf831fdb089bbca7953b7cfdddcd195be2fc577acc3927160119b0e93e6b6689c87d8bc2ccc2e0eeaf90d19dccd98
SSDEEP

12288:2pZ1TyC8ISaH3qtfJozUqDU4fdYRV1o6+NgX:yyhaH3qtfJozTnfa7Th

Score

N/A

Malware Config

Signatures

Files

de06a6911e382e25bfd57db8343519255b5387e23904325c3c27d27da0d8e26a
.exe windows x86

66b5cfffc5f7886b221ba4bc4cc779e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextVolumeMountPointA
GetCurrentThreadId
GetCurrentProcess
GetProcessHeap

ntdll

RtlExtendedIntegerMultiply

Sections

.text
Size: 433KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 255B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE