6315bdc9a2579a3ad5ecba494e7cd45f6f59555464fc3af66861fdb2e5ff27eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6315bdc9a2579a3ad5ecba494e7cd45f6f59555464fc3af66861fdb2e5ff27eb
Size

2KB
MD5

0c773f1ffd7aa9122bb3a80f16b4a510
SHA1

f9668004b6020eb6ca80204929d5343e58f9a817
SHA256

6315bdc9a2579a3ad5ecba494e7cd45f6f59555464fc3af66861fdb2e5ff27eb
SHA512

911cb551714df02ab0b9dff5a1d9b8a753a18900912f22c37cec2e03ccd00f443bc9ffae0af890bbd1f2a13ab6ace8e3463563c55b2af61c562f40604370195d

Score

N/A

Malware Config

Signatures

Files

6315bdc9a2579a3ad5ecba494e7cd45f6f59555464fc3af66861fdb2e5ff27eb
.exe windows x86

7dc34d16519fe3e07b91f3af1fbfec5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
lstrlenA
OpenProcess
GetCurrentProcess
GetModuleHandleA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
GetProcAddress
CreateRemoteThread
GetLastError
CloseHandle

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

shell32

StrCmpNIA

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE