0c6618d8237958aa40e72ca3eba35619173f1d8e75112745640d8c8473c6d661 | Triage

Sharing

General

Target

0c6618d8237958aa40e72ca3eba35619173f1d8e75112745640d8c8473c6d661
Size

3KB
MD5

440b748f2d7920a29650085029d42142
SHA1

b35d962bad5cbfb0f4198f143d03c8a9f1948c6e
SHA256

0c6618d8237958aa40e72ca3eba35619173f1d8e75112745640d8c8473c6d661
SHA512

e3b68e6b74f6161dfa6fbe27af8452d5b84117dd5d43eee7ade040ed99b5b5f72dd1211f0097d9bde74fb033ed24507494ddd3aa0f02ac8acacb74616cce6772

Score

N/A

Malware Config

Signatures

Files

0c6618d8237958aa40e72ca3eba35619173f1d8e75112745640d8c8473c6d661
.dll windows x86

dfe95b81ec9f210feddfc5253e21ce4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
DisableThreadLibraryCalls
ExpandEnvironmentStringsA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
MoveFileA
MoveFileExA
WinExec
lstrcmpiA

Exports

Exports

DriverProc
auxMessage
midMessage
modMessage
mxdMessage
widMessage
wodMessage

Sections

.text
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ