481e0953aeff93caba6007a18774faf6ac425ac8887084a52440856d47abc2e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

481e0953aeff93caba6007a18774faf6ac425ac8887084a52440856d47abc2e8
Size

303KB
MD5

814b3042961e67b361d5a2932e4c1dc0
SHA1

d79d373297ed27b858edb30ed5d3f71aab1101e3
SHA256

481e0953aeff93caba6007a18774faf6ac425ac8887084a52440856d47abc2e8
SHA512

34d1ce916f65c47632740e4cced48e1b36f4b29556307931ff93184f107aac2a1ad2f56b3e9bdc9e85304c0f6061910a58819103857cc0cc92ca966363a9d71b
SSDEEP

6144:Huq+IhFwMaUZ5x7udxcvVotB/nSjjFOXrKtUr+EA2R4oOfOjSgSP1y:Ojs7Njxu+ESjocC+LjfG+51

Score

N/A

Malware Config

Signatures

Files

481e0953aeff93caba6007a18774faf6ac425ac8887084a52440856d47abc2e8
.exe windows x86

933b273b9752877c2a566fbe77ffed38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
lstrcpyW
lstrcpyW
lstrcpyW
GetCommState
GetModuleFileNameA
DeleteFileA
GetMailslotInfo
GetConsoleAliasW
GetLogicalDriveStringsW
GetLocaleInfoA
FileTimeToLocalFileTime
LoadLibraryA
GetProcessHeap
lstrcpyW
lstrcpyW
GetVolumePathNameW
IsValidLocale
SetLastError
lstrlenW
GetStdHandle
CreateEventA
VirtualAllocEx

termmgr

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ADATA
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE