1c666b1114a86e534b0fa0db1c5be303fd900a9bc6e4640dfb300c5493231594 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c666b1114a86e534b0fa0db1c5be303fd900a9bc6e4640dfb300c5493231594
Size

73KB
MD5

e14dbe31c44afad3020c513621feeae9
SHA1

4c2d689473353ea410eb67ebc11dd84dfb2503b7
SHA256

1c666b1114a86e534b0fa0db1c5be303fd900a9bc6e4640dfb300c5493231594
SHA512

6edf19762bb98be0c9def49743fa6327254e80bf7bf8262db17a7a8fdb2ecc5df028ffd05fc76e810600126314132fe87d4ba3c4ebda6efb982e43d544465322
SSDEEP

1536:iG6lDCviw9SG/UBjFhzyt9q3QAwv7CrYyLicT6K3o0xNta0QRLrXb:sDBGEFhz8q3QA83yLPTJ3o7Bnb

Score

N/A

Malware Config

Signatures

Files

1c666b1114a86e534b0fa0db1c5be303fd900a9bc6e4640dfb300c5493231594
.exe windows x86

da4828dac85fb58a8cd52b45fe261539

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputW
DosPathToSessionPathW
SignalObjectAndWait
GetVersion
GetConsoleProcessList
LZCreateFileW
VerLanguageNameA
GetNamedPipeHandleStateA
Heap32First
EnumResourceTypesW
GlobalDeleteAtom

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 58KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE