df0bd887d8657c9ca8e3152e79393bf6d309668d6ee57a7f2119da558e5ce80e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df0bd887d8657c9ca8e3152e79393bf6d309668d6ee57a7f2119da558e5ce80e
Size

94KB
MD5

3694e1816d879720f87e20395edfd6a3
SHA1

91250ce6529bc00d6a4c432e754abb6a241d129d
SHA256

df0bd887d8657c9ca8e3152e79393bf6d309668d6ee57a7f2119da558e5ce80e
SHA512

4a82ed56d8ef4402d8b0d0766dc12d2b67cbfc181be09853fb1f0fc55d74b9eba434d2c51e4841d8609a628bfccf0c704c12a7aa07ca1a1df9588d5aa07875f1
SSDEEP

1536:JiRw11Y2Zb0GSPilhXGAbcZ7tVnzK3c8YaEJwZK4/83ZoMOALF6SSf:gqHaGg8c9ohZEXtpxLF6H

Score

N/A

Malware Config

Signatures

Files

df0bd887d8657c9ca8e3152e79393bf6d309668d6ee57a7f2119da558e5ce80e
.exe windows x86

a82a8b213b36d69d7a33ceabc528d534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32FirstW
EnumResourceTypesW
GetVersionExW
QueryWin31IniFilesMappedToRegistry
GetPrivateProfileStringW
GetConsoleMode
LocalFileTimeToFileTime
SetComputerNameExA
InitAtomTable
GetProcessAffinityMask

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE