9e7ff9fa52308c6397f56b6a86933ffd76676ab8a72d87b3c5ff9a980fa82739 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e7ff9fa52308c6397f56b6a86933ffd76676ab8a72d87b3c5ff9a980fa82739
Size

119KB
MD5

b65040f2217b330efc6f04da4a719269
SHA1

f941c87636a0c4c44a78a4c67920a21aa2e1d22c
SHA256

9e7ff9fa52308c6397f56b6a86933ffd76676ab8a72d87b3c5ff9a980fa82739
SHA512

6e9303b2159f125d172e89125fdb571ede8b89a954f649b2bcc38237ae6171ddee619c070ae9bc5e8a6cea708d6cb0b8943a847fef6c02599ae667a576ae1e75
SSDEEP

1536:bZsssszRQiTF+Ny9HJs85M2O2Na5Y5ihY5kN+pjVrs2ryrd1vUQuqSSqK5tnCvv:bZssssd9J9q2e5f/N+Hs2qxnC

Score

N/A

Malware Config

Signatures

Files

9e7ff9fa52308c6397f56b6a86933ffd76676ab8a72d87b3c5ff9a980fa82739
.exe windows x86

9d2e2b43e0941f8c2c3c86adac92d8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
CheckNameLegalDOS8Dot3W
GetModuleHandleW
SetThreadContext
Process32Next
PostQueuedCompletionStatus
Sleep
CreateProcessInternalW
GlobalFindAtomA
InterlockedDecrement
GetCPInfoExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 63KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE