f1253411cddfe59c3e27d77e96bdfa40288849ac06ebf31cb1e6e4b5ef210f71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1253411cddfe59c3e27d77e96bdfa40288849ac06ebf31cb1e6e4b5ef210f71
Size

822KB
MD5

0c89b4f264420ae48a1e40b75759a4a1
SHA1

63cf2d82c666f9e36a609e9641df226ba57012f2
SHA256

f1253411cddfe59c3e27d77e96bdfa40288849ac06ebf31cb1e6e4b5ef210f71
SHA512

e6043b00b9afbce8cfe359f7bb67e34386ccbc5c34769111cba2bc362b23c64089a0900f6b15d2a2ccae5326ebb314a012a2d87a4e24e4658c01bf280d9a4817
SSDEEP

24576:EtUvWchYF/Oy5kw+Ing2IWYD97JQuHmQz:EVuYF/pJneWIQuG

Score

N/A

Malware Config

Signatures

Files

f1253411cddfe59c3e27d77e96bdfa40288849ac06ebf31cb1e6e4b5ef210f71
.exe windows x86

e82c49ee43d22e5350759667dc94d7a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentVariableW
GetVolumeInformationA
lstrcmpW
GetModuleHandleA
VirtualProtectEx
GetPrivateProfileIntW
VirtualFree
ReadConsoleW
CreateMailslotW
CompareStringW
lstrcatA
GetDiskFreeSpaceW
GetFileType
WriteFile
GetCurrentDirectoryA
GetTimeFormatA
GetLastError
GetProcessHeap
GetSystemTime

dmdskmgr

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
?namecmp@@YGHPBG0@Z

Sections

.text
Size: 20KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 798KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ