92141084176154ff7a4744a02cd5d2a10e4afb9d036d01c3962e203f1e6e7dba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92141084176154ff7a4744a02cd5d2a10e4afb9d036d01c3962e203f1e6e7dba
Size

307KB
MD5

033d803246dfb7fb4564fb02102ba797
SHA1

55c86aa5fc5486d58666ca6edbbcb425de265e73
SHA256

92141084176154ff7a4744a02cd5d2a10e4afb9d036d01c3962e203f1e6e7dba
SHA512

bdcf096cac1856531547b546ba03596ee773de0eb8f289cca8b9c67b34f317b6fae8b70a205407a03eb6788350de936c28a614c1de5962ff498f4396eab357c2
SSDEEP

6144:msVcbf70rgZgJ7x7LEJjbrAr+Je2BVswceQBEjI2az4owF:mic87CBru72BVsW22azJ

Score

N/A

Malware Config

Signatures

Files

92141084176154ff7a4744a02cd5d2a10e4afb9d036d01c3962e203f1e6e7dba
.exe windows x86

33c3b79cfb500e7b3c0f7e085ece5c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
CreateEventA
DeleteFileW
lstrcpynA
TlsGetValue
GetPrivateProfileIntA
lstrlenA
GetCurrentProcess
lstrcpynA
VirtualAlloc
lstrcpynA
GetModuleHandleA
GetLocaleInfoW
GetStartupInfoW
TlsAlloc
GetNumberFormatA
GetModuleFileNameW
FindNextVolumeW
GetFullPathNameA
lstrcpynA
TlsAlloc
SetCurrentDirectoryA
FormatMessageA

vssapi

VssFreeSnapshotProperties
??1CVssWriter@@UAE@XZ
??0CVssWriter@@QAE@XZ
IsVolumeSnapshotted

Sections

.text
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ