988e49f989b883ddbfcc19d9ebbbf9506189430caaeea018cd88b12ccbc56bc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

988e49f989b883ddbfcc19d9ebbbf9506189430caaeea018cd88b12ccbc56bc8
Size

76KB
MD5

b1c7e71c36f7da55e63bb583b59be151
SHA1

0571f53f34639c4f4c46b86f7c06de7770541d8f
SHA256

988e49f989b883ddbfcc19d9ebbbf9506189430caaeea018cd88b12ccbc56bc8
SHA512

c1b433b74f92e80d98fc5c35c407e08ff9bb952d9c383579f815a5aba2864f6bc6b8262cbc6c596e64915f1d08f1ccba754f08808e930a877c498cdb03bb67d4
SSDEEP

1536:OeLODUQ22L5QlK6uBF0Kh/P0WNk6lq361LGypjVrs2ryrd1vUQuq6:OVDF2HlK6Oaa/P0WNDDGyHs2qo

Score

N/A

Malware Config

Signatures

Files

988e49f989b883ddbfcc19d9ebbbf9506189430caaeea018cd88b12ccbc56bc8
.exe windows x86

201088fa43d5f63c05c94c7e9f07b412

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
FreeResource
CloseConsoleHandle
GetTapePosition
EnumSystemLanguageGroupsA
FindNextVolumeW
InitializeSListHead
GetTempFileNameW
LoadResource
IsProcessorFeaturePresent
GlobalReAlloc

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE