861b9637a649a2fbd98e2a875b368359f6dcde21bba4e665c964fd899064b8c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

861b9637a649a2fbd98e2a875b368359f6dcde21bba4e665c964fd899064b8c5
Size

91KB
MD5

1080f6750f13f7cf2fd7620193ba0b03
SHA1

3ce573705cf9bf3ec6135e4fd4520af7676d8398
SHA256

861b9637a649a2fbd98e2a875b368359f6dcde21bba4e665c964fd899064b8c5
SHA512

3cc2978ac9e284ba24d97d5325ddbeb0b3838689e97574fea120de1d6cc8c5cb90931ef9cc9c42bd63c13ceec1a8e22f54646cb07201590d6d8b24253a7291b6
SSDEEP

1536:MsVE8mBJp5ikbOeJBq8qE1h7MXtRABC6HOGaAzk5IqO8l65HqFGjoIL:MEE3BJp5wsqBE1qXHABCD0zOfO84R80T

Score

N/A

Malware Config

Signatures

Files

861b9637a649a2fbd98e2a875b368359f6dcde21bba4e665c964fd899064b8c5
.exe windows x86

e0b4a7a255e726a7d6aa7c653de1bbeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileEx
ReplaceFile
SetConsoleMode
SetConsoleMode
QueryActCtxW
GetConsoleInputWaitHandle
GetNamedPipeHandleStateW
WaitCommEvent
GetVolumePathNamesForVolumeNameW
TlsSetValue
EnumTimeFormatsA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE