ed06692c192f45504ab5781657fe901633d16d94734184c5c9c4c5b7b2a70bf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed06692c192f45504ab5781657fe901633d16d94734184c5c9c4c5b7b2a70bf1
Size

56KB
MD5

085b8bc3985cc712eedc208ba23eabd6
SHA1

aa0aaa402b471e25c422320d36b70e0123a39ef9
SHA256

ed06692c192f45504ab5781657fe901633d16d94734184c5c9c4c5b7b2a70bf1
SHA512

f80f8dcd1418fa1f5deb9c783e2a97b5867cd2bc00a2f7c88a18ff41368f01421bbf8d3169e8949b16744f42478027dc94deaa1314b48295915339480be307a4
SSDEEP

768:knKRyHv3Xz9SWDgYnrlX357nIHZvvQi85u4MqerbFBT8q67mGToyj/b0wrvEZB11:ktBS4adv74vFq675Cy21bE7CE8

Score

N/A

Malware Config

Signatures

Files

ed06692c192f45504ab5781657fe901633d16d94734184c5c9c4c5b7b2a70bf1
.exe windows x86

16b1b21d7b25e420b8b31e1d73bf4241

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCursorMode
InterlockedExchangeAdd
SetFilePointerEx
CreateJobObjectA
Process32FirstW
Process32FirstW
GetLongPathNameW
lstrcatW
TrimVirtualBuffer
GetSystemWow64DirectoryW
HeapWalk

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE