d64caf30d0980d210aac93e34e57fffe0cce58650355fc0d942906d50778059d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d64caf30d0980d210aac93e34e57fffe0cce58650355fc0d942906d50778059d
Size

92KB
MD5

8cb7fc90a23fb7452fa9447729028716
SHA1

43cf2f658d6e99c76a3777301624842934548dd7
SHA256

d64caf30d0980d210aac93e34e57fffe0cce58650355fc0d942906d50778059d
SHA512

e3a5fa1bd72978c8af4a7892581f52223245d9eb7321c6883d3546040472487e778423584740c5afeb1ccbe5137a17a30e7c38cde9f283dde4dc0a5c2d3749e8
SSDEEP

1536:uI/vJd/voTBp8RdwA3pP5mF1br2d1pUwrPtSVG6Z83YacIyP/69QAq0Gb8/Z5H8T:d7/YmRdwA3yJ2dbUUSQaKYBbWq0GQP0j

Score

N/A

Malware Config

Signatures

Files

d64caf30d0980d210aac93e34e57fffe0cce58650355fc0d942906d50778059d
.exe windows x86

93a0b7f4c13e4b324d7e027a3341e522

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionGuid
SetConsoleWindowInfo
_lopen
InterlockedIncrement
MulDiv
ReadFile
lstrlenW
FindAtomA
ReadConsoleOutputW
DnsHostnameToComputerNameA
GetFileType
AssignProcessToJobObject

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE