a96794ea8dd3f7ace431573c44edd1ed2aac5e3a0801e2b8744d398f92992f9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a96794ea8dd3f7ace431573c44edd1ed2aac5e3a0801e2b8744d398f92992f9d
Size

94KB
MD5

28302d104ef9e48119ded752cf2cb2c3
SHA1

da5f120d1d9c44e097845e155d2f766295a70d29
SHA256

a96794ea8dd3f7ace431573c44edd1ed2aac5e3a0801e2b8744d398f92992f9d
SHA512

cabfbde8159dd0f14ffa0f79792c87f243f119f64f54cdd9314f0eccc248c3169287f279102a47b48a0e1f0223b590863c3a60d7b8c1c2749d83a3283396a29a
SSDEEP

1536:K/KgGrWWR31Qs2cNmOeGAOEWnJ2YyWlFhEJ9kzIYwCc8YaEJwZK4/83ZoMOALF6/:K/KgGrWWR3qMNmf5HWdyWlC9sIYwChZ1

Score

N/A

Malware Config

Signatures

Files

a96794ea8dd3f7ace431573c44edd1ed2aac5e3a0801e2b8744d398f92992f9d
.exe windows x86

acbedc4da2bd5d498799ccc6c10980cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
SetProcessShutdownParameters
DisconnectNamedPipe
SetVolumeMountPointW
GlobalAddAtomW
VirtualProtectEx
ExpungeConsoleCommandHistoryA
CreateDirectoryExW
SetFilePointerEx
EnumSystemGeoID

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE