f2d158cba056234157239d450d71e8acca37ba28d16152abe78fe67b62c9f807 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2d158cba056234157239d450d71e8acca37ba28d16152abe78fe67b62c9f807
Size

24KB
MD5

7b960f8d2e20c5094784ce7f4447edf6
SHA1

f9d0ec6ff302cb576e31bbe7d94e95a07fb3e1c6
SHA256

f2d158cba056234157239d450d71e8acca37ba28d16152abe78fe67b62c9f807
SHA512

37f639e19f7236ddd68b6f2a529c63e75fd3ff447873308b45c69c97cf8c97ac1f31767e54f10d18c4734c542b6c43a9571d925f5bf4aa21ccc6e429abd8df2d
SSDEEP

384:X6Sy1N4wlSRu9HLtx+t9lfDnEtXXW8nIMM7c:X6L7ERu9Hm/lfTEtXXWnRc

Score

N/A

Malware Config

Signatures

Files

f2d158cba056234157239d450d71e8acca37ba28d16152abe78fe67b62c9f807
.exe windows x86

6ed8ef954ec114e05dbd5f0c151f8543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStdHandle
GetModuleFileNameA
GetStartupInfoW
FileTimeToLocalFileTime
lstrcpyW
lstrcpyW
GetMailslotInfo
GetCommState
IsValidLocale
SetConsoleTitleA
SetLastError
lstrlenW
GetVolumePathNameW
DeleteFileA
GetProcessHeap
lstrcpyW
VirtualAllocEx
GetModuleHandleA
SetCurrentDirectoryA
lstrcpyW
CreateEventA
lstrcpyW

termmgr

DllGetClassObject
DllCanUnloadNow
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ