f6509a8704fa35fc52b924f9d0cf7645c7feb04eca0a68b6161d6341a08547bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6509a8704fa35fc52b924f9d0cf7645c7feb04eca0a68b6161d6341a08547bb
Size

58KB
MD5

0946c1d006794908f38edc2f37ba54d0
SHA1

6be5aae17bf74797894c77ef52a46576e947ecc6
SHA256

f6509a8704fa35fc52b924f9d0cf7645c7feb04eca0a68b6161d6341a08547bb
SHA512

30fcc2401528426f5923829275817e727dd1720b95bcca68a70b8661fbfeed926d9e4856bffb90fa3de0810c0cae5378bcd392943cf6da6dcff0dbac302c56c6
SSDEEP

1536:2RDWZcGbmCaV43577awwNA8Z+UPLp4qX0Kgu/0d:2tsze435aBb+cp2KD0

Score

N/A

Malware Config

Signatures

Files

f6509a8704fa35fc52b924f9d0cf7645c7feb04eca0a68b6161d6341a08547bb
.exe windows x86

d4725ebca3fdfda84cdba19ec23fd0fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapCreate
GetDriveTypeW
CreateNamedPipeA
GetStdHandle
GetModuleHandleA
WaitForSingleObject
FileTimeToLocalFileTime
GetVolumePathNameA
SetLastError
lstrcmpiA
lstrcmpiA
lstrlenA
GetModuleFileNameA
DeleteFileA
CreateMailslotA
lstrcmpiA
lstrcmpiA
SuspendThread
Sleep
GetLogicalDriveStringsA
lstrcmpiA
IsValidLocale

rastls

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ