f6fc13b25fca2e790ee73982fe95bc64681229194f015de108632f7a5a5abdec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6fc13b25fca2e790ee73982fe95bc64681229194f015de108632f7a5a5abdec
Size

810KB
MD5

2c9c43b932eb556900ae1f5c986a06a0
SHA1

231c9218a475e7cd2f62b23d97c2aaaf78019b95
SHA256

f6fc13b25fca2e790ee73982fe95bc64681229194f015de108632f7a5a5abdec
SHA512

bf52a83a514455d28b34d80e1c32499e68a05b018f0c6e5ca3beee67c65aa02f10b57fd6c7969748d0eb60f3c3fe10a8957bed7ca6d2e4d66ceedc7e40e0222c
SSDEEP

12288:A3jaTm9+w35JeE8bGG6f3UWe29/0RFGd+DpCJKxXh3H93xc7RuDKykAe:Aow3+Eerg9/wAcWK3dK7RuOR

Score

N/A

Malware Config

Signatures

Files

f6fc13b25fca2e790ee73982fe95bc64681229194f015de108632f7a5a5abdec
.exe windows x86

febd76d562f22b4c9a73e3af941ed18a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptGetHashParam
CryptReleaseContext
RegCloseKey
CryptCreateHash
RegDeleteValueA
DuplicateTokenEx

shlwapi

SHDeleteKeyA
PathRemoveFileSpecW
PathFindFileNameW
wnsprintfW
PathFileExistsW
wvnsprintfW
StrStrW
PathMatchSpecW
PathCombineW
StrCmpNIA
StrCmpNIW
wnsprintfA
wvnsprintfA

Sections

.iluf
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srop
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.szsv
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ