deb56007e42e21f67e0962777d0220a357eb6bda7b39e0d56f5b9bff6ad5f07d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deb56007e42e21f67e0962777d0220a357eb6bda7b39e0d56f5b9bff6ad5f07d
Size

61KB
MD5

c8261a770fe9fdbaaccb26a21a71f54e
SHA1

50fa357ad45036f930f8d595c3b7188946084d94
SHA256

deb56007e42e21f67e0962777d0220a357eb6bda7b39e0d56f5b9bff6ad5f07d
SHA512

fa5ee47c5f53405da201f177df72c3a04e41c57a3540b32b279858931d66c963719f110fa14489ac5d0b89053e3d6fbbd10cf3412ed6fdcdaf6a8bf1c9eea6c6
SSDEEP

768:negmVCAs9dcJBRNsTdRYiwMlFR8T0BNrXnEoc+KDI7hcjApb4V9yG4gCFJ/EyjPd:uGdABoplzNrXfcB4hcjAMr4V7jP5T4g9

Score

N/A

Malware Config

Signatures

Files

deb56007e42e21f67e0962777d0220a357eb6bda7b39e0d56f5b9bff6ad5f07d
.exe windows x86

3e1180b6a8bd4d1be1c25737b1549b8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetModuleFileNameA
CreateProcessA
CreateFileA
GetFileSize
ReadFile
VirtualAllocEx
WriteProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
CloseHandle
LocalFree
ExitProcess

ntdll

ZwUnmapViewOfSection

Sections

.e0n
Size: 859B - Virtual size: 860B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE