bf5131a0b25c8142bc70394e0b9fa5ab9505703e7c6e75946a0e2aca85e42d92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf5131a0b25c8142bc70394e0b9fa5ab9505703e7c6e75946a0e2aca85e42d92
Size

113KB
MD5

e149edad55c4541a62728ed53194a138
SHA1

0a1db3024ffa86b8623d226c103722ebfa87c3ba
SHA256

bf5131a0b25c8142bc70394e0b9fa5ab9505703e7c6e75946a0e2aca85e42d92
SHA512

7bf077dd568eb84f5eb33ed0465724a0c5f2f92f309263239751b6284df083f4279a3e38a5eb43bafaa147e943b1385cd351f5a0f36553bc0d2198c8537ee20e
SSDEEP

1536:66iJurC/oufeUrPTNJr4+BxlO9LOT6f/c5tA4dL0mvdXeyC9NOCh9Lj4PAZM2vPw:1dEkU3r77lQ+6f/c5tt7vUvNZPCV

Score

N/A

Malware Config

Signatures

Files

bf5131a0b25c8142bc70394e0b9fa5ab9505703e7c6e75946a0e2aca85e42d92
.exe windows x86

21396ef810aa5375fe39cabb0f144d99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugActiveProcessStop
NlsConvertIntegerToString
GetPrivateProfileStringW
EnumSystemCodePagesW
ReadProcessMemory
ConnectNamedPipe
HeapQueryInformation
AddRefActCtx
VirtualFreeEx
GetPrivateProfileStructA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE