e5c796e1c3adcc95d54d57c1247fbd7aa0f5bb7aee110ee9601ca42d6f9ebab8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e5c796e1c3adcc95d54d57c1247fbd7aa0f5bb7aee110ee9601ca42d6f9ebab8
Size

306KB
MD5

65f536cdfa0fe32c7f9a509ff8c41203
SHA1

22c9f4c93f3fb1768cfd7725bf98075e50467f7d
SHA256

e5c796e1c3adcc95d54d57c1247fbd7aa0f5bb7aee110ee9601ca42d6f9ebab8
SHA512

799edc8270333193feb22ea7f7dbbdcbeed93171345222100ded549ace5619d11c1e2c8093119009dbb5bbad95cde06c9a866daa7f42765843a33da9a3609dad
SSDEEP

6144:b/Blig9t+grzFZfmqcm4pX2Y3NolPuoZcmh6JPmo6u1s6PXegHqLLB:b/Blh3rfxcmoYoJ56u+7kqLt

Score

N/A

Malware Config

Signatures

Files

e5c796e1c3adcc95d54d57c1247fbd7aa0f5bb7aee110ee9601ca42d6f9ebab8
.exe windows x86

79c0208bb28d8f4bc5ada1525c713885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetDiskFreeSpaceW
GetConsoleMode
ReleaseSemaphore
CloseHandle
GetModuleHandleA
GetCurrentDirectoryA
lstrcmpW
FindFirstVolumeA
GetStringTypeA
CreateSemaphoreA
CloseHandle
GetModuleHandleW
HeapCreate
OpenMutexW
GetEnvironmentVariableW
WaitForMultipleObjects
CloseHandle
FindNextVolumeA
GetFullPathNameA
GetVolumePathNameA
ReadConsoleA
GetFullPathNameA

certmgr

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.res
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE