fcde485d07e893af1557fa19c4ffe7a1f2efd8cb8c507ff8413cf0f796c26189 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcde485d07e893af1557fa19c4ffe7a1f2efd8cb8c507ff8413cf0f796c26189
Size

91KB
MD5

ad5c551b2097f918d3c9e15fd33e4252
SHA1

f5e06e3cb713da7c764b550837ab5903cdb14130
SHA256

fcde485d07e893af1557fa19c4ffe7a1f2efd8cb8c507ff8413cf0f796c26189
SHA512

1da0209231ebea557ed42fc412f8ec706244be89066183261e31fdc61f72c04c9206fea483c1de14859ec5e99ff7c14205c974c72a411c562ff203350cba9bc2
SSDEEP

1536:CaMNOkXTOAfs34DifsLbyy5rkHOY2mBKXQseE68yilC5H+T2Qtf7mbWv:pky13bfsLbyy5rkH4sSeELyoOHyk

Score

N/A

Malware Config

Signatures

Files

fcde485d07e893af1557fa19c4ffe7a1f2efd8cb8c507ff8413cf0f796c26189
.exe windows x86

4ce058a3212299fe07496c333c7f8a80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
LocalFree
SetThreadContext
DnsHostnameToComputerNameW
FindCloseChangeNotification
SetInformationJobObject
FindFirstChangeNotificationW
SetFilePointer
GetNumaNodeProcessorMask
FindFirstVolumeMountPointA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE