d790926b4b62315a90645d3e9331917b61e007eddd1b77ce48d3413713a2a5ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d790926b4b62315a90645d3e9331917b61e007eddd1b77ce48d3413713a2a5ab
Size

821KB
MD5

03c35a15ae98a64b30dd246bfc08e5d1
SHA1

9ce8782633b0a014cb77c47f60d4a0601fb3741e
SHA256

d790926b4b62315a90645d3e9331917b61e007eddd1b77ce48d3413713a2a5ab
SHA512

082676d11dac9fd6c6094b8037330d106784b7ef059880f271698b2a30bdce96ebf2778f628d019725cb18f9261e5e40f7a1fbf7b7e6dd84f1e1fbacae079af1
SSDEEP

24576:lnbTVCv+1ncdVRUKY8jiZm2AyXfQlfNnH9LJ:pTKXUsjsmlyKN/

Score

N/A

Malware Config

Signatures

Files

d790926b4b62315a90645d3e9331917b61e007eddd1b77ce48d3413713a2a5ab
.exe windows x86

0d9aa40e0339b2b93fd26b38a5dcd323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
GetModuleHandleA
lstrcmpW
GetEnvironmentVariableW
ReadConsoleW
GetTimeFormatA
lstrcatA
VirtualProtectEx
WriteFile
CompareStringW
GetVolumeInformationA
CreateMailslotW
VirtualFree
GetDiskFreeSpaceW
GetProcessHeap
GetCurrentDirectoryA
GetPrivateProfileIntW
GetSystemTime
GetFileType

dmdskmgr

DllRegisterServer
?namecmp@@YGHPBG0@Z
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 20KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ