2c61899838b05d81b6830d78a62a7b68edb1cfe785ee2bdb06bcbc32fe937b90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c61899838b05d81b6830d78a62a7b68edb1cfe785ee2bdb06bcbc32fe937b90
Size

806KB
MD5

ba6fbcb5983cf55a8969a519b25f2e14
SHA1

ebf67908f54ba53b3e1fe839cad4fd02ee0ff6b1
SHA256

2c61899838b05d81b6830d78a62a7b68edb1cfe785ee2bdb06bcbc32fe937b90
SHA512

98337e4fa5fb1275e4238ba929bff17ce10b385f999acc79159dbf2809947be54bee6ca32d12badf0f47b554085d3c06f8906e1a193a3ccb45496f1c237e5803
SSDEEP

24576:CPDj3jwfa5lRn5rzuSya7SZREAA7Byvpol7uPn:K33jwmlRhb7SZbPpFn

Score

N/A

Malware Config

Signatures

Files

2c61899838b05d81b6830d78a62a7b68edb1cfe785ee2bdb06bcbc32fe937b90
.exe windows x86

6adce5d8e69d44bf91f513dbbb139f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetCommState
GetLocaleInfoA
GetModuleHandleA
GetProcessHeap
CreateEventA
lstrcpyW
lstrcpyW
SetLastError
lstrcpyW
VirtualAllocEx
GetMailslotInfo
FileTimeToLocalFileTime
lstrlenW
SetCurrentDirectoryA
SetConsoleTitleA
IsValidLocale
GetVolumePathNameW
GetStartupInfoW
DeleteFileA
lstrcpyW
GetModuleFileNameA
GetStdHandle

termmgr

DllCanUnloadNow
DllUnregisterServer
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ