debf0c354c42c6b2e74ab6059e6279bcea685cdd9e6802da04b9090384bb61f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

debf0c354c42c6b2e74ab6059e6279bcea685cdd9e6802da04b9090384bb61f4
Size

814KB
MD5

a9eb467154eba55f7aab4481daa0e3ef
SHA1

fd8c6d9cf8c9ef198525cf448ea9e418cf267273
SHA256

debf0c354c42c6b2e74ab6059e6279bcea685cdd9e6802da04b9090384bb61f4
SHA512

71884d785c7437851aaa4c19058c735b1fd16745f3aed13e3e615f76d16860e7e6898b415bfeeb0fc6b6450feba3f193c85aef580c2ea2f3ee861ec9b14749c6
SSDEEP

12288:s3fVsClSUG2K/CYBOi8BQFTxbL72l4fzE6EBhGJCIg4iW8O32KtgYubHA:U9lSnuY0BQ1xbfKPLGJC+iatg

Score

N/A

Malware Config

Signatures

Files

debf0c354c42c6b2e74ab6059e6279bcea685cdd9e6802da04b9090384bb61f4
.exe windows x86

12b9d9328099ef4d749d3c55f7a0020a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetStartupInfoW
GetLocaleInfoW
DeleteFileW
lstrcpynA
TlsAlloc
GetNumberFormatA
GetFullPathNameA
lstrcpynA
GetPrivateProfileIntA
VirtualAlloc
GetModuleHandleA
lstrcpynA
FormatMessageA
lstrcpynA
lstrcpynA
GetCurrentProcess
CreateEventA
TlsAlloc
TlsGetValue
GetModuleFileNameW
SetCurrentDirectoryA
lstrlenA

vssapi

??1CVssWriter@@UAE@XZ
??0CVssWriter@@QAE@XZ
??0CVssJetWriter@@QAE@XZ
VssFreeSnapshotProperties

Sections

.text
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ