91881d9e43d15aecc31262680a5b3bcee03decddc6b61e64f7a8da20c567aa8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91881d9e43d15aecc31262680a5b3bcee03decddc6b61e64f7a8da20c567aa8b
Size

80KB
MD5

85f924b394146927868094fb51ad4336
SHA1

52d2d3754dc40e007ddee3798578c805a7e4227e
SHA256

91881d9e43d15aecc31262680a5b3bcee03decddc6b61e64f7a8da20c567aa8b
SHA512

d43c3e7d2caeb9df46603c6d05354411d8cafbd1e38cdba54bd67f7dab02005b5064139fce4cf75e9450efb9cc1c17bb819956c2253b36d87237ac790483e25b
SSDEEP

768:9tTbyXA6ni6t8qk3lZejt/fHOuHoIG7EQD+w40ECggN5lmgQqz6VLSX6gHANsLZW:wqlIGT+w4kNQqEF2LZIMX/i82hW8fPL

Score

N/A

Malware Config

Signatures

Files

91881d9e43d15aecc31262680a5b3bcee03decddc6b61e64f7a8da20c567aa8b
.exe windows x86

99e7bb58e92188a96351f8d0034eaa06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNextVDMCommand
FindFirstFileA
GetCalendarInfoW
CreateProcessW
GetFileSize
GetProcessHeap
SetNamedPipeHandleState
VDMConsoleOperation
GetComPlusPackageInstallStatus
GetWindowsDirectoryW
GetConsoleProcessList

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE