1d6442767549fbb7daf7e70e4037e03870a9ce4d2796ec7eab5e26b50f6c2904 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d6442767549fbb7daf7e70e4037e03870a9ce4d2796ec7eab5e26b50f6c2904
Size

48KB
MD5

9c481d9f9725abcb1665da18d70705bd
SHA1

6040731f31ad06717fc2865a9dcd40e36be12640
SHA256

1d6442767549fbb7daf7e70e4037e03870a9ce4d2796ec7eab5e26b50f6c2904
SHA512

189e851bb174f8ec2b2ec8506c7cdaa2c36b077d98a184445b8688e17dd7533faf13a6bdd9f4845dfe50a0cd6b0c38c9a1c7a27455eb8946d957a316f987fbe8
SSDEEP

768:J27A+X9fk40TpGn1mrXv4pMpWEjpMWhh/UhUyOg3UVd4W1JWylpDH7PxREHRmI7u:Jb+X9Y1Lr4MRes/1aCdNnHL7PxREHoIK

Score

N/A

Malware Config

Signatures

Files

1d6442767549fbb7daf7e70e4037e03870a9ce4d2796ec7eab5e26b50f6c2904
.exe windows x86

06bdb42989e045ef5ed543fa9692f7e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowDC
FindWindowA

kernel32

GetDriveTypeW

Exports

Exports

?BeginForce##YGPAXU_RECTL###Z
?CellRinger@@YGPAXU_RECTL@@@Z
?LineHandle@@YGPAXU_RECTL@@@Z
?ProperSight@@YGPAXU_RECTL@@@Z
?TimerConnect@@YGPAXU_RECTL@@@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ