a47af81880a8993815676fa9be36ab10e8c417646a1463d7dcd9e5ca59025db7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a47af81880a8993815676fa9be36ab10e8c417646a1463d7dcd9e5ca59025db7
Size

306KB
MD5

0d2a24dfd11f7f9e8543bd3c96115090
SHA1

441819407ff404bd13faec5fc91f49f12aeaba3a
SHA256

a47af81880a8993815676fa9be36ab10e8c417646a1463d7dcd9e5ca59025db7
SHA512

5acc9ae574f832f65fb63ae1fc9f7a15cce31d2470516e2cc5617639b1977d713c11c8f345993fb73ed97d9a7331353e78f5001ccfef3dc83d0043cc86042ac9
SSDEEP

6144:bqAWcfQqF10NKye5nT8v8PqNNEv6n/++O880nXwWb:bqAW+pFGNKf5IEkNs6HO8jnX1

Score

N/A

Malware Config

Signatures

Files

a47af81880a8993815676fa9be36ab10e8c417646a1463d7dcd9e5ca59025db7
.exe windows x86

5389b27fdffd7b98b5f98ff9eae467f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetEnvironmentVariableW
OpenMutexW
GetConsoleMode
GetCurrentDirectoryA
GetModuleHandleW
GetFileAttributesW
GetVolumePathNameA
lstrcmpW
ReadConsoleA
CloseHandle
FindNextVolumeA
GetModuleHandleA
GetFullPathNameA
HeapCreate
WaitForMultipleObjects
CloseHandle
ReleaseSemaphore
CreateSemaphoreA
FindFirstVolumeA
GetDiskFreeSpaceW
GetFullPathNameA
CloseHandle

certmgr

DllRegisterServer
DllCanUnloadNow
DllUnregisterServer
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.pack
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE