ad56dd1f99ba947aa9335169cd393128881bc38ed1d1c52eba87de0951534cdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad56dd1f99ba947aa9335169cd393128881bc38ed1d1c52eba87de0951534cdd
Size

810KB
MD5

92bc2ce89a60e6523e1119998ef0a590
SHA1

92bacba8c9ccd677863a5eb5f44864678bb21e34
SHA256

ad56dd1f99ba947aa9335169cd393128881bc38ed1d1c52eba87de0951534cdd
SHA512

06b3a50b5dbfee750e29497e76334ba4540fa991a288a8d0aaa70040f9e4eaa52053cae6c2dab6d88a4f17552380e6fd19ff750c37833ab1e317332105baeb25
SSDEEP

24576:6Npbxk+n9GAhffKwAIWjUwJU2gwEGU1G0cTu:6WzcCwAIMPCFW0g

Score

N/A

Malware Config

Signatures

Files

ad56dd1f99ba947aa9335169cd393128881bc38ed1d1c52eba87de0951534cdd
.exe windows x86

3ab5cc3ab8b6f7f1131505da6f49147b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
lstrcpyW
GetLogicalDriveStringsW
GetLogicalDrives
GetFullPathNameW
GetStringTypeA
OpenMutexA
GetLogicalDrives
GetModuleHandleA
VirtualProtectEx
SetCurrentDirectoryA
CreateSemaphoreW
GetLogicalDrives
GetFileAttributesA
GetTickCount
GetLogicalDrives

riched20

RichEdit10ANSIWndProc
IID_ITextHost
RichEditANSIWndProc
IID_IRichEditOle

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.ndata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ