174b2824702bb212a63fa5c6075aa75acbce778d19a0a3107170f0a8368d16bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

174b2824702bb212a63fa5c6075aa75acbce778d19a0a3107170f0a8368d16bf
Size

65KB
MD5

53ec021fc614de6ac3754be9a529deb4
SHA1

63faaaba469516758cdfa17c3d02d4e0647ada4c
SHA256

174b2824702bb212a63fa5c6075aa75acbce778d19a0a3107170f0a8368d16bf
SHA512

49761feed2515112555f81d05d670dcd329b36fb9f29edd58745b2c789ae112445741eb5282d7d805bacfbc7e51f3cb3112da9bb607d172e4597e87263c5b24e
SSDEEP

1536:z2IkRXIpLxr2qI2PMe30adayTrGMov2vcszeF:zMRX9qJ5304awr5ov2TzM

Score

N/A

Malware Config

Signatures

Files

174b2824702bb212a63fa5c6075aa75acbce778d19a0a3107170f0a8368d16bf
.exe windows x86

631c6c22ada63f7a603d83197c6bbf98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleProcessList
GetCompressedFileSizeW
IsBadCodePtr
InterlockedExchangeAdd
WriteProfileStringA
SetHandleInformation
BindIoCompletionCallback
PrepareTape
DeleteVolumeMountPointW
DuplicateConsoleHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE