477107f8944f41a6547a4896389aaf00b8d2c3908e39739f2090ad3cf305129a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

477107f8944f41a6547a4896389aaf00b8d2c3908e39739f2090ad3cf305129a
Size

76KB
MD5

f9a50319cb35d14505e07c6a2877372e
SHA1

138d02443903d9bb64f9fe8683db3b62d295b855
SHA256

477107f8944f41a6547a4896389aaf00b8d2c3908e39739f2090ad3cf305129a
SHA512

5b8be883c06ea7b71e9d2b8604c7ff9d41708f875760595f9eb15fe096c022cba712259c5ce2392a65f95b251ae88242e45b9dd29bbafaaa9b293d457ff0ddf0
SSDEEP

1536:MmaYtec6z5w30B9aGQABIYxDvxD4ONAN2zGjUPLldYHpjVrs2ryrd1vUQuq6:HH6zu0TaG1IoDvxD47YziUzfuHs2qo

Score

N/A

Malware Config

Signatures

Files

477107f8944f41a6547a4896389aaf00b8d2c3908e39739f2090ad3cf305129a
.exe windows x86

5e90d81a374670e04bbcf89f9eb88947

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ZombifyActCtx
RtlMoveMemory
GetSystemDefaultUILanguage
GetTickCount
GlobalUnWire
LCMapStringA
GlobalAddAtomA
IsValidLanguageGroup
Thread32First
GetNumaAvailableMemoryNode
RtlZeroMemory

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE