6794b82f53e625fd479c0384d8bdd5f9a35c47e99b48c7e063f731fa23061a5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6794b82f53e625fd479c0384d8bdd5f9a35c47e99b48c7e063f731fa23061a5e
Size

818KB
MD5

792f70bb1642b5c1f491931e4af99d05
SHA1

f3bce0bdd9c31ec806c5da71c03c04440c678ccb
SHA256

6794b82f53e625fd479c0384d8bdd5f9a35c47e99b48c7e063f731fa23061a5e
SHA512

d7894d5db95b4e08dd99029050bc1fdfb4773dc1383e21c56bb3c1624c80a335be6ad624697df3fc66a32acff5f98c02674c9322c7ad9721c62fa6f3464ad1d6
SSDEEP

12288:Rz+0+CzEcZjGKmTt3cAeu8gEkUUkO3DlC8xu76i6ecKQ96ocDr7Er4TljAmVO7RP:x+0tlhuRsXpFOTlzumi62Q8tXymQ7HH

Score

N/A

Malware Config

Signatures

Files

6794b82f53e625fd479c0384d8bdd5f9a35c47e99b48c7e063f731fa23061a5e
.exe windows x86

0aecc2e06324f43d273201af177a74c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetFileType
lstrcpynA
GetSystemTime
ReadConsoleA
GetCurrentDirectoryA
GetModuleHandleA
lstrcpynA
lstrcpynA
Heap32First
GetDiskFreeSpaceW
FindFirstVolumeA
lstrcpynA
lstrcpynA
VirtualFree
lstrcpynA
lstrcatA
GetPrivateProfileIntA
lstrcmpW
VirtualProtectEx
WriteFile
SetThreadPriority
GetCurrentThreadId
lstrcpynA
lstrcpynA
GetVolumeInformationA
lstrcpynA
OpenMutexW
GetDriveTypeA

cmdial32

InetDialHandler
RasCustomDialDlg
RasCustomDial
AutoDialFunc

Sections

.text
Size: 18KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ