ba8684cf212ca53efe8d41bafb6fdd128664f3bcc72eb112ac2702c11b0e4e92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba8684cf212ca53efe8d41bafb6fdd128664f3bcc72eb112ac2702c11b0e4e92
Size

297KB
MD5

679f477550b6c266233471212bb16522
SHA1

88fccaca77fd3248d1a7efabffbd37ab0f6f8c55
SHA256

ba8684cf212ca53efe8d41bafb6fdd128664f3bcc72eb112ac2702c11b0e4e92
SHA512

6cbed4f30c251800a3e551e5d37928b16e0b3fb25fbbac0393f0e181ab30da71147f3cf19123aa0dacd52ef492b2d6dc78b4734cee7b520f7d9bc18165747605
SSDEEP

6144:+hmxeuRWLhrQ2IOasEgfn2KkBAhlwuWbnjDp4/rbPnF/yy+TIDNCzf:4mxNu1QAasJ2KsU0rZGbPpytWN4

Score

N/A

Malware Config

Signatures

Files

ba8684cf212ca53efe8d41bafb6fdd128664f3bcc72eb112ac2702c11b0e4e92
.exe windows x86

a081d21c5aa59a03c1662e61fef65d0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetLogicalDriveStringsA
GetProcessHeap
lstrlenA
GetVolumePathNameA
GetModuleHandleA
lstrcmpiA
DeleteFileA
CreateMailslotA
GetDriveTypeW
GetModuleFileNameA
Sleep
HeapCreate
GetStdHandle
SetLastError
lstrcmpiA
SuspendThread
IsValidLocale
CreateNamedPipeA
lstrcmpiA
WaitForSingleObject
FileTimeToLocalFileTime
lstrcmpiA

rastls

DllCanUnloadNow
DllUnregisterServer
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ