6fe859365f133a487f3f44b4aaa0c0a41b9faa6302500f65be6fba5e997981c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fe859365f133a487f3f44b4aaa0c0a41b9faa6302500f65be6fba5e997981c1
Size

817KB
MD5

c9d1e13bfab0aacc1512959ae9610b88
SHA1

3a6d7a75fd31a366867f97a44fe81d0dc7c2564e
SHA256

6fe859365f133a487f3f44b4aaa0c0a41b9faa6302500f65be6fba5e997981c1
SHA512

d6a410ee6337c642b3049d76037d23c7d722587b0580d2578700f7b0ba6e5543c0ca891581b243dbfacf735602ee407a09365f677fe1ed1c0a36b254a04c6fe9
SSDEEP

24576:3p1Ujf2O9P395ZY8NtthqifF89R6Mc63Tjr:fUjf9D5HeifFQoQTj

Score

N/A

Malware Config

Signatures

Files

6fe859365f133a487f3f44b4aaa0c0a41b9faa6302500f65be6fba5e997981c1
.exe windows x86

3c746b67d7c8d642b13157a8507f77d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynA
lstrcpynA
lstrcpynA
ReadConsoleA
lstrcatA
DeleteFileW
lstrcpynA
FormatMessageW
lstrcpynA
lstrcmpA
GetModuleHandleA
lstrcpynA
SetThreadPriority
GetFileSize
lstrcpynA
GetCurrentThreadId
lstrcpynA
lstrcpynA
GetDiskFreeSpaceW
OpenMutexW
lstrcpynA
VirtualFree
GetCurrentDirectoryA
GetFileType
ReadFile
GetCommandLineW
VirtualProtectEx
GetPrivateProfileIntA
CreateDirectoryW

certcli

CAFindByCertType
CADeleteCertType
CAEnumNextCA
CAEnumFirstCA

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ