cf73131e404f0722094202b94fdc5d731e5fad1dc4021741d3fcb1e1a4efe43f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf73131e404f0722094202b94fdc5d731e5fad1dc4021741d3fcb1e1a4efe43f
Size

66KB
MD5

7d504089811547b464f45b31721cda08
SHA1

111e3ce41801e8fc9b427fa8924f3f1303784cfa
SHA256

cf73131e404f0722094202b94fdc5d731e5fad1dc4021741d3fcb1e1a4efe43f
SHA512

b7d8abce364e00d67a136ce29b9bf4e47ee8d96c9fdd7b6f5a86c7effe99aae3920c91eb14eb56bf9b1c77823719f22978470e7c83ed1285999a97a351d120a8
SSDEEP

1536:fD+IfSVSziRC0xyZx8g/ika6Dw44zDKyePp:6qASzX0Tg/ja6TIq

Score

N/A

Malware Config

Signatures

Files

cf73131e404f0722094202b94fdc5d731e5fad1dc4021741d3fcb1e1a4efe43f
.exe windows x86

35b97a25634d2e8fdd6ac825a99bf650

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
GetNamedPipeHandleStateA
SetTermsrvAppInstallMode
InitializeSListHead
MoveFileExW
SetMessageWaitingIndicator
FreeLibraryAndExitThread
GetLogicalDriveStringsA
DeleteVolumeMountPointW
OpenFileMappingA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE