c3e77637f107731226dcb8f5611b36737d1e34de94e85ff3a3542f4bad0d6841 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3e77637f107731226dcb8f5611b36737d1e34de94e85ff3a3542f4bad0d6841
Size

119KB
MD5

18d03efb46c2eee4f629060a6e579fb4
SHA1

9a57253d5ac6f2dbe78e590d1ce723f8413b1270
SHA256

c3e77637f107731226dcb8f5611b36737d1e34de94e85ff3a3542f4bad0d6841
SHA512

2cabe0281e9054d5761c788950071e06bac1102d2fe8f4825abbea7cfed6290adfc70d946151c5cb71faa72315ad30335eb19949860ee6037a350f6a2157cb00
SSDEEP

1536:RjTHiOeJn6Ec2MwL2pJV6hQpjVrs2ryrd1vUQuqSSqK5tnCvv:RfHc5MwL0kSHs2qxnC

Score

N/A

Malware Config

Signatures

Files

c3e77637f107731226dcb8f5611b36737d1e34de94e85ff3a3542f4bad0d6841
.exe windows x86

c9a336edffae989dfbd3a09c4e71d8de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AttachConsole
ReadFileEx
lstrlenW
GetPrivateProfileIntW
HeapDestroy
GetTempPathW
GetUserGeoID
DeleteVolumeMountPointW
GetNumberFormatW
FindVolumeMountPointClose
DeactivateActCtx
GetNumaProcessorNode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 63KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE