2ef9d4cfdc7f48322870f80060410f4ee87f6a90f42e5177b0eddbccdd34716e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ef9d4cfdc7f48322870f80060410f4ee87f6a90f42e5177b0eddbccdd34716e
Size

4KB
MD5

4c7b2d31af31f9e5c86608f3af394c87
SHA1

cbce8567596e27c4b130f154ab0020819957c1ae
SHA256

2ef9d4cfdc7f48322870f80060410f4ee87f6a90f42e5177b0eddbccdd34716e
SHA512

98a06b57d5854446d11c55d49a931d68b6f15f0636983f1b3d77a97e4ab50545fd3559054ac2b4e74b395eca24b6c68d0b77a10a1bf817d6c7a672088525e7ff
SSDEEP

48:yyk8regdam2pZp1i6lc7HlPbkKNfPY08v/:I8PkbRElPbkKN983

Score

N/A

Malware Config

Signatures

Files

2ef9d4cfdc7f48322870f80060410f4ee87f6a90f42e5177b0eddbccdd34716e
.dll windows x86

d7d03cfcde314dd9338220f955e0c9a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
lstrcmpiA
lstrlenA
DisableThreadLibraryCalls
CreateFileA
WinExec
CloseHandle

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyA

Exports

Exports

DriverProc
auxMessage
midMessage
modMessage
mxdMessage
widMessage
wodMessage

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ