6b7aa8cde0fc3caf4261b13fa259ebd18f6f588051bc8480e2891677a6f1d1e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b7aa8cde0fc3caf4261b13fa259ebd18f6f588051bc8480e2891677a6f1d1e3
Size

171KB
MD5

0d5259dd1ffe221b093b0a9ca3968fef
SHA1

7314508b8bb8a066e1842b492a0eac5b17fbf1ed
SHA256

6b7aa8cde0fc3caf4261b13fa259ebd18f6f588051bc8480e2891677a6f1d1e3
SHA512

be5548ec2a20f9e8ee386ceafc86ccdb50840e8940dc420b1a5db1588c363c0b3815b02a86572bb5413d5a31289d885acd69b63261cce3d2b20857b0d9a7f301
SSDEEP

3072:O0Fau05ESiC8g8I6VZmiedKNudzT98x958n6naGXQEqmF8nK8H:ZF3YESi5hZmi2KYlex958n0zXQaF8nKm

Score

N/A

Malware Config

Signatures

Files

6b7aa8cde0fc3caf4261b13fa259ebd18f6f588051bc8480e2891677a6f1d1e3
.exe windows x86

883913397339b1a43bf1a77522b3a5f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LZStart
BeginUpdateResourceW
GetPriorityClass
CreateHardLinkW
SetEvent
GetDriveTypeW
EscapeCommFunction
GetProcessIoCounters
CreateSemaphoreA
GetNumaHighestNodeNumber
ZombifyActCtx
SetConsoleCommandHistoryMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 157KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE