084d07b9b30a43a38d711f510fbfac4f8a9699b035ed12351ef20c887e79112d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

084d07b9b30a43a38d711f510fbfac4f8a9699b035ed12351ef20c887e79112d
Size

66KB
MD5

3187fa0a2f72825b1293de85db05f4e0
SHA1

5e2673ea670aeab25d29ca7d40a4b730ad1a7599
SHA256

084d07b9b30a43a38d711f510fbfac4f8a9699b035ed12351ef20c887e79112d
SHA512

cb3e9ce1503283c48ffe5fbae8789f3c2345847937cc2e3a764ca46a72225c82647a78a74f9367a3fc183b4ce6c05bba8362de40e0efed1446f4743884b50c89
SSDEEP

1536:1015GIHXZVk7jZRno0f7+OEc9rQMTUxGcyrhNY8LriFi:10exu0KO5UaUqrhe8LW

Score

N/A

Malware Config

Signatures

Files

084d07b9b30a43a38d711f510fbfac4f8a9699b035ed12351ef20c887e79112d
.exe windows x86

ca2cd532c0a49374e16aa5adc010c336

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNamesForVolumeNameW
lstrcpynA
RegisterConsoleIME
SetConsoleCursorPosition
OpenFile
NumaVirtualQueryNode
GetModuleHandleExA
GetProfileStringW
RegisterWowExec
IsValidUILanguage
UpdateResourceA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE