9406a4d915b26b7a131e5f5e6d63df8f422051d96fd0ffdd9991ba925d6c14f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9406a4d915b26b7a131e5f5e6d63df8f422051d96fd0ffdd9991ba925d6c14f0
Size

59KB
MD5

6c1175c8e2f525d3a5874e94a9a18ab8
SHA1

69db9125b3883c7fefe0737bf5535f5629ebf87f
SHA256

9406a4d915b26b7a131e5f5e6d63df8f422051d96fd0ffdd9991ba925d6c14f0
SHA512

26863b6dec3ca6abbc49d7200b93c2452426bffed83d91d3b8d4eaf5c3cb664af35be90ec85c1d15a9727800a34c9b7ece6fc1f4dc25cc175ce33ae945ef5327
SSDEEP

768:p0WBpqyrvRbtP0H1Jy6sXG912IfpsVeS76jOjxVuHJLWiWtsvycaXyPd5oGH3c:BfqyfPCC012op6WqgCiWaJDPd

Score

N/A

Malware Config

Signatures

Files

9406a4d915b26b7a131e5f5e6d63df8f422051d96fd0ffdd9991ba925d6c14f0
.exe windows x86

8573009aa2b2c184ea1279790cb839ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
lstrcmpiA
FileTimeToLocalFileTime
SetLastError
DeleteFileA
GetVolumePathNameA
lstrcmpiA
GetProcessHeap
Sleep
GetDriveTypeW
GetLogicalDriveStringsA
lstrlenA
IsValidLocale
HeapCreate
lstrcmpiA
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
CreateNamedPipeA
SuspendThread
WaitForSingleObject
GetStdHandle
lstrcmpiA

scecli

SceOpenPolicy
DeltaNotify
SceSysPrep
InitializeChangeNotify

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ