f9031c5cb0dd60c8610a68648d599938925403d1d1e8395f5bc8996f074b5aab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9031c5cb0dd60c8610a68648d599938925403d1d1e8395f5bc8996f074b5aab
Size

309KB
MD5

200e7ce6b86937f46b9527e019d2d7bb
SHA1

7b7a5a32dcc4b83024e2be89c1f290545a1cb535
SHA256

f9031c5cb0dd60c8610a68648d599938925403d1d1e8395f5bc8996f074b5aab
SHA512

f313221a3baa07e2f8fd1c97e21c390f4d577a1473b4afadf722a94cc983412a484f11a1614b739c38c147ca855d77992c5a0aa0217665bbc532224601a22731
SSDEEP

6144:C+IhFwMaUBhdoOPWUFEbT/dIYScQZJyKUEQGGSNRKF39gvL7/GWRUFMor4W:7s7NBhdWgOKlcUAZS6O7OWCR

Score

N/A

Malware Config

Signatures

Files

f9031c5cb0dd60c8610a68648d599938925403d1d1e8395f5bc8996f074b5aab
.exe windows x86

2c980e6d0b2784444b90e86eabafbee8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeW
GetStartupInfoW
CreateEventA
SetStdHandle
FindNextVolumeA
GetCurrentProcess
lstrlenW
VirtualAllocEx
lstrcpyW
GetModuleFileNameA
lstrcpyW
IsBadStringPtrW
GetLocaleInfoA
TlsAlloc
SetCurrentDirectoryA
lstrcpyW
GetPrivateProfileIntA
SetConsoleTitleA
GetNumberFormatA
GetModuleHandleA
DeleteFileA
lstrcpyW
lstrcpyW

untfs

Extend
ChkdskEx
Recover
Format

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RData
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EDATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE