edf5312cfc548ef06ddab499058499b9ce0e14e46106e54acfcb7d94e0a5f4fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edf5312cfc548ef06ddab499058499b9ce0e14e46106e54acfcb7d94e0a5f4fa
Size

111KB
MD5

28026098bb57e447323eb531d2eb8562
SHA1

11aede033687a1c675130808b6c29b82216e63a6
SHA256

edf5312cfc548ef06ddab499058499b9ce0e14e46106e54acfcb7d94e0a5f4fa
SHA512

d37d7dbeee38cdd09aa95151d04672224a89d6b3c0af6cd7ffb0dc448a4a4a49bcf8a27fc0417fc78aece4b7ff853a2d761914ae73730729eb234023933e3588
SSDEEP

1536:v+YXI+iH2O6gqqyD/O4lUosEotjaTy2AhINBJOuDzPvRoZRnoNJKtkzdIA7M9/WP:v+9BCgqLD+oRot6jzXmwh7MYJpI0n

Score

N/A

Malware Config

Signatures

Files

edf5312cfc548ef06ddab499058499b9ce0e14e46106e54acfcb7d94e0a5f4fa
.exe windows x86

d9943f9f7bc39e09572184adfcd5489e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetGeoInfoA
RtlMoveMemory
InterlockedFlushSList
VirtualProtectEx
GetConsoleCharType
InterlockedIncrement
PurgeComm
ReadProcessMemory
LoadModule
GetNumaAvailableMemory
GlobalAddAtomA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 97KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cduupqo
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE