c246f88bf6f0d93e61bd813483552ba9665e6e5e9c896940b8f36ffb2ceb0509 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c246f88bf6f0d93e61bd813483552ba9665e6e5e9c896940b8f36ffb2ceb0509
Size

1.2MB
MD5

bba4679af92415cb36ee4abbff37e699
SHA1

f560a313149cc76a668e1165c3ddcce21445a438
SHA256

c246f88bf6f0d93e61bd813483552ba9665e6e5e9c896940b8f36ffb2ceb0509
SHA512

c822e0630ce68c8d7ca4648d2f80ad2763582614c4aa37a0f2c9238c7eee0a325888eec66851e12ee8bdfeb323abd7c506c5cc2a800eb3acd9e715a3961a4d52
SSDEEP

24576:gRf0ioeYNLnoxXF26NEcsPoWImvUsucVdjMmGhO:gRsNeMLnoWinKmmvUsRjMm

Score

N/A

Malware Config

Signatures

Files

c246f88bf6f0d93e61bd813483552ba9665e6e5e9c896940b8f36ffb2ceb0509
.exe windows x86

78d38598f6b6cffff00a584e50794b3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MapViewOfFileEx
WaitForSingleObject
EnterCriticalSection
FileTimeToSystemTime
CreateFileA
UnmapViewOfFile
SetFilePointer
VirtualFree
MapViewOfFile
CreateFileMappingA
GetProcessHeap
LeaveCriticalSection
GetFileTime
GetCurrentThreadId
CloseHandle
ReadFile
VirtualAlloc
ExitProcess
InitializeCriticalSection
WriteFileEx
ReadFileScatter

shell32

ILFree
ILFindLastID
PathMakeUniqueName
ILIsParent
DAD_DragEnterEx
DAD_DragLeave
RealDriveType
DragFinish

adsldpc

AdsTypeToLdapTypeCopyGeneralizedTime
ADsObject
ADsEnumClasses
ADsSetSearchPreference
ADsCreateDSObject
ADsGetNextColumnName
InitObjectInfo
Component
ADSIGetNextRow
ADSIFreeColumn
ADSIExecuteSearch
BuildADsPathFromParent
ADSICloseSearchHandle
GetLDAPTypeName

Sections

.text
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrcs
Size: 567KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ