a64c86a0f9752c6b512f0a5ace800f30ca05fcd82af0424d9cf7c302d69e6129 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a64c86a0f9752c6b512f0a5ace800f30ca05fcd82af0424d9cf7c302d69e6129
Size

56KB
MD5

940874e905fa5442257f80322af35ba5
SHA1

e8088cb4777ab7034dcdac82d8a7e55ef7e63d09
SHA256

a64c86a0f9752c6b512f0a5ace800f30ca05fcd82af0424d9cf7c302d69e6129
SHA512

2f970b3694f7208dc07bdb9e61af5a010b75151ed7e11ed762e02dc63246e0d02eb30151a0220334f86453835fcd57084ec547daa4827787614eeb250ff2f3b6
SSDEEP

1536:ycCecZwao1ThOnfGza5fPftV8ssC0mSB0NZgy1Q:kLCa0ThOnv5fnUssTn0oX

Score

N/A

Malware Config

Signatures

Files

a64c86a0f9752c6b512f0a5ace800f30ca05fcd82af0424d9cf7c302d69e6129
.exe windows x86

019de9bf0313b0d8ae2e263bed7da34c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
Module32Next
GetLogicalDrives
RegisterWaitForInputIdle
FindAtomW
RegisterWowExec
GetConsoleAliasW
GetTempPathW
DeactivateActCtx
OpenFileMappingW
VerLanguageNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE