b0719305e1262dbe97e0867186bd0d81f374983aef6f034575f03472345c4992 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0719305e1262dbe97e0867186bd0d81f374983aef6f034575f03472345c4992
Size

91KB
MD5

ac6823261eeb4b5126134b3e85fc2472
SHA1

5b15762bf4c76a86ca57ad6e641393d916b8f285
SHA256

b0719305e1262dbe97e0867186bd0d81f374983aef6f034575f03472345c4992
SHA512

9ccc8c8a91265588c56c3edd6adb0e1ea62db2a009e322f5892170cf01d94de45db916031453a98fe3f14f5f447e0c9f26d468a7b70b1ddf17c481c7a1dabe52
SSDEEP

1536:RcG2UFaAYanOTZQ2RsNNFe0euSRJ85wQ22ER32ZRx1EpKTPZwfQTrJFMkgfP/FQT:3DUyuIJZkOexMYYQXP53Vlu

Score

N/A

Malware Config

Signatures

Files

b0719305e1262dbe97e0867186bd0d81f374983aef6f034575f03472345c4992
.exe windows x86

e0a9018765d7bdef42d62e3b73054561

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetupComm
PrivMoveFileIdentityW
FindFirstVolumeMountPointA
MapUserPhysicalPages
GetConsoleKeyboardLayoutNameW
GetLongPathNameA
FindVolumeMountPointClose
IsWow64Process
GlobalMemoryStatus
RegisterWowBaseHandlers

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE