6729eadbaae12df1b73ccb6c3370e088a5e0789ab99d4aff3736b6a634e985d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6729eadbaae12df1b73ccb6c3370e088a5e0789ab99d4aff3736b6a634e985d2
Size

306KB
MD5

0498a8da369a58f619e497b3963bf2a0
SHA1

baeee2612778ebb8ce24fc1d364eaec6fc0f012c
SHA256

6729eadbaae12df1b73ccb6c3370e088a5e0789ab99d4aff3736b6a634e985d2
SHA512

5d5877c629b6420c5781500a5603a6e70aba9823bc6d08d65004fa2bc1632d62a9abec7c79379cae8401137d62f16917b676ccfe2d5af17eb53f92a3010d96f2
SSDEEP

6144:LqYm5XiKbDDvu9zvsKKQCfRhedcSnGlH98iQfeKc:LqYIiKbDDu9wK+fR+S8izD

Score

N/A

Malware Config

Signatures

Files

6729eadbaae12df1b73ccb6c3370e088a5e0789ab99d4aff3736b6a634e985d2
.exe windows x86

7d5d54f1ebce392badc1beee95010e09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
HeapCreate
GetCurrentDirectoryA
GetFullPathNameA
CloseHandle
GetDiskFreeSpaceW
FindNextVolumeA
GetEnvironmentVariableW
ReleaseSemaphore
GetFileAttributesW
GetModuleHandleA
ReadConsoleA
CloseHandle
FindFirstVolumeA
lstrcmpW
GetStringTypeA
WaitForMultipleObjects
OpenMutexW
GetConsoleMode
GetFullPathNameA
CreateSemaphoreA
GetModuleHandleW
GetVolumePathNameA

certmgr

DllGetClassObject
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.pack
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE