467011748499a78e1e0661ff77d14bd39204cd3d7c0ac3b78ecc533520fe3226 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

467011748499a78e1e0661ff77d14bd39204cd3d7c0ac3b78ecc533520fe3226
Size

86KB
MD5

90a084adf789ae57e6fd08e88869a105
SHA1

1a8c48018c34f185ec5b88b2c8c7406872da1f16
SHA256

467011748499a78e1e0661ff77d14bd39204cd3d7c0ac3b78ecc533520fe3226
SHA512

2d825813c81725160b717455873dc60a9d30659acdc2609e72150b325654edfc3d14a8363229db1ca8d240a58a07e0d75d14a3f04f76540ca6716a19b0dca2dd
SSDEEP

1536:ulFsC/9BNQ5tBA9WItvaMJDsjtCKUGUIcJXCF17hb7PPpNf1BnJNP7dcf7T61s5G:FCaCIItvaJtCKUG/cJXCFzb7JNf1Njd1

Score

N/A

Malware Config

Signatures

Files

467011748499a78e1e0661ff77d14bd39204cd3d7c0ac3b78ecc533520fe3226
.exe windows x86

bb605a29d9e46205f1ed6f92e2e80f06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleOutputW
CompareStringA
Thread32Next
NlsConvertIntegerToString
SetVolumeLabelA
VerifyVersionInfoW
ZombifyActCtx
GetModuleHandleW
GetUserDefaultLCID
FindActCtxSectionStringA
WriteFile

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE