6e196048b5d5ba01f02c59acf75aef44d15fac9e4c18408842b7fe579a5d0db3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e196048b5d5ba01f02c59acf75aef44d15fac9e4c18408842b7fe579a5d0db3
Size

120KB
MD5

3cb215d2487c1e59100d944065c99059
SHA1

2b5972dd5789aa4163764e8d3a15c38e0721ced7
SHA256

6e196048b5d5ba01f02c59acf75aef44d15fac9e4c18408842b7fe579a5d0db3
SHA512

c860a1a4d0d1dab198f926f9d133702cf3470b6e66ab3b45e3acfbe26a62741fefd2fa608ff0f1b6690f76180662b6983857aec349c52c52f8a75955952ff6d6
SSDEEP

1536:tqcQ3v34Qwi11FFJNI8HpO+gCsI1zaRd76nn8VFiM5BbbQn1zjmAcYfA4/zEIHw+:Y93tvzJXpkI12z6n8Vrng11xU8jt

Score

N/A

Malware Config

Signatures

Files

6e196048b5d5ba01f02c59acf75aef44d15fac9e4c18408842b7fe579a5d0db3
.exe windows x86

be35e2d6b0afe7c4965f3bc3bc84d8bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
_except_handler3
_controlfp
free
_exit
__p__commode
__p__fmode
__set_app_type
__p___initenv
_XcptFilter
atan2
_adjust_fdiv
__getmainargs
_initterm

kernel32

GetProcAddress
WriteConsoleA
InterlockedIncrement
GetExitCodeProcess
VirtualProtect
GetStringTypeW
lstrcmpiA
GetModuleHandleW
GetThreadLocale
SetFileAttributesW
GlobalUnlock
GetShortPathNameA
SetFileAttributesA
lstrcmpA
GetUserDefaultLangID

Sections

.text
Size: 1024B - Virtual size: 562B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE