d32c5c259c50cfeab903613b3ea67e501834927bd51fe38ac187032a49b29185 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d32c5c259c50cfeab903613b3ea67e501834927bd51fe38ac187032a49b29185
Size

59KB
MD5

5202a2c64fd528c2016ad57cf24f0708
SHA1

6ccf277b3633c61fe33c6ff791e6e81d742e0f29
SHA256

d32c5c259c50cfeab903613b3ea67e501834927bd51fe38ac187032a49b29185
SHA512

11ece27e52c159894e01436bce649e6c2f1738261b3e8940ab621370b19b46952cfdbff2faf4aeed30e2e65b12fc8a4c6144daafe3dee0daa303ba27cb19cf76
SSDEEP

1536:BxGzLQHFFgVvGVNAED4lImyZKjFIXt6tVU0RvbKwp:BxILAmkA44ymyZSI2VP9bK

Score

N/A

Malware Config

Signatures

Files

d32c5c259c50cfeab903613b3ea67e501834927bd51fe38ac187032a49b29185
.exe windows x86

8672270f6dd52e2e97dfbbf5effef728

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameA
lstrcmpiA
WaitForSingleObject
lstrlenA
IsValidLocale
Sleep
GetModuleHandleA
lstrcmpiA
CreateNamedPipeA
GetStdHandle
GetDriveTypeW
GetLogicalDriveStringsA
FileTimeToLocalFileTime
SetLastError
SuspendThread
GetProcessHeap
lstrcmpiA
lstrcmpiA
GetModuleFileNameA
HeapCreate
DeleteFileA
CreateMailslotA
lstrcmpiA

scecli

DeltaNotify
InitializeChangeNotify
SceOpenPolicy
SceSysPrep

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ