9663eca0b5e435d0fc1ab59831f71fbccf1e7fe05aa437760a8e297fbb48327b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9663eca0b5e435d0fc1ab59831f71fbccf1e7fe05aa437760a8e297fbb48327b
Size

2KB
MD5

3f4507988ed83cc7df5814cdaaa8b46d
SHA1

b8b62f6382ff4393f56370693519537336486905
SHA256

9663eca0b5e435d0fc1ab59831f71fbccf1e7fe05aa437760a8e297fbb48327b
SHA512

58c4538f864a0e2155bfb7bf596a27a34964a27cbcce19f2542e4920da87df0f4a9875b1f73e23d7350e0fea4a6339b99a98be418d2e39fc14e834e5f8d03fa2

Score

N/A

Malware Config

Signatures

Files

9663eca0b5e435d0fc1ab59831f71fbccf1e7fe05aa437760a8e297fbb48327b
.exe windows x86

1412c6de35fdd0250e84461514197a7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
GetCurrentProcess
OpenProcess
Process32First
Process32Next
TerminateProcess

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

StrStrIA

Sections

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE