0bd6d2d80ff860eb113a05a45e2f960a2829b35775b94aabc530d3e9593a232f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bd6d2d80ff860eb113a05a45e2f960a2829b35775b94aabc530d3e9593a232f
Size

811KB
MD5

059fb3fbfc3b01a9c78ac930dd954570
SHA1

798d8b268a00de36cbe694dc3a635c1aa1a243b5
SHA256

0bd6d2d80ff860eb113a05a45e2f960a2829b35775b94aabc530d3e9593a232f
SHA512

331450117dd8a16c118c6e51807411a4913cc7463cbdeb1c4ccfca9cc61b2673a39eaad03eeb7c7975e743e53e4882773ad69454ab8e3a07100c72111e6898f3
SSDEEP

24576:BRqyBBoMfaI8fVhW04LX5nYndN3QoSPR//amka4I:BrBBoMfXmVhgxYHAx//x

Score

N/A

Malware Config

Signatures

Files

0bd6d2d80ff860eb113a05a45e2f960a2829b35775b94aabc530d3e9593a232f
.exe windows x86

14faa1b6feffefb4156933e401758578

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetNumberFormatA
GetLocaleInfoW
GetModuleFileNameW
SetConsoleTitleA
FindNextVolumeW
GetPrivateProfileIntA
GetStartupInfoW
lstrcpyW
VirtualAlloc
DeleteFileA
GetFullPathNameA
lstrcpyW
SetCurrentDirectoryA
CreateEventA
lstrlenW
lstrcpyW
TlsAlloc
TlsAlloc
lstrcpyW
lstrcpyW
TlsGetValue
GetCurrentProcess

untfs

Format
ChkdskEx
Extend
Recover

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 796KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EDATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ