4aa02342b70a00497f60b8b0e530b416f928247a1bf2eb55b006ccf1d4d22a83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aa02342b70a00497f60b8b0e530b416f928247a1bf2eb55b006ccf1d4d22a83
Size

118KB
MD5

24bdfeef4869e6f1d79599723c2f6ba0
SHA1

8e2f88be3183eba57197730cba93f7196a44eec9
SHA256

4aa02342b70a00497f60b8b0e530b416f928247a1bf2eb55b006ccf1d4d22a83
SHA512

75d9e6e2c4e4aa6eb54a2fe41e7955afef353c05e892144ff8954c32bb32f88292e078c8f94d1a014851fac0108b0b345fc8c0be783465ca68cb76554893d0c5
SSDEEP

1536:ZFDIhhlQadW18K429kXL4HGRzv+x3sA9lrvJx+PglVrY1ZjdybimiR6t17o8LRXo:jDZKwK2K7qGRT+P7qIoZjj/HFgQ

Score

N/A

Malware Config

Signatures

Files

4aa02342b70a00497f60b8b0e530b416f928247a1bf2eb55b006ccf1d4d22a83
.exe windows x86

c79ecbd80f9f198bc0786579ae12ceb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
lstrlenW
GetFullPathNameA
GetLocaleInfoW
CreateEventA
lstrcpyW
lstrcpyW
GetModuleFileNameW
GetStartupInfoW
GetPrivateProfileIntA
TlsGetValue
VirtualAlloc
lstrcpyW
GetNumberFormatA
FindNextVolumeW
TlsAlloc
lstrcpyW
lstrcpyW
GetCurrentProcess
SetConsoleTitleA
TlsAlloc
GetModuleHandleA
SetCurrentDirectoryA

untfs

Chkdsk
FormatEx
Format
??0NTFS_BOOT_FILE@@QAE@XZ

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ORPC
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ