f4822a78649e5411cfaf0b037396aace76a98940ee83b3496280f64b7a989d21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4822a78649e5411cfaf0b037396aace76a98940ee83b3496280f64b7a989d21
Size

92KB
MD5

41f44641f53e83af4e67cdc198837e2c
SHA1

d806a8f7b5469c898d4e23bb22a95d79f7ffd5e2
SHA256

f4822a78649e5411cfaf0b037396aace76a98940ee83b3496280f64b7a989d21
SHA512

8de5d61843cc97d5a3ef2553c278d80de4b8e884a9ee9bf05fb524decf76050eefe80dd5fdb34de5afba4c46cfc38cd854a41aaa4de402c990ce71143c98e802
SSDEEP

1536:AhUZa+f6buWrwI9v+W8HbGCY3mvEsl0C8o2croZjEErxTWDTMqhGKYIZTET8u5j2:A+a+iFL92a36EsCrorMZjBkMqhGKZTbo

Score

N/A

Malware Config

Signatures

Files

f4822a78649e5411cfaf0b037396aace76a98940ee83b3496280f64b7a989d21
.exe windows x86

20417261d664410b694579a6d7514ef8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleInformation
GetBinaryTypeA
WriteProfileSectionW
GetSystemWow64DirectoryA
GetNlsSectionName
FlushFileBuffers
FreeUserPhysicalPages
ShowConsoleCursor
NlsResetProcessLocale
DosPathToSessionPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 26KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE