81197a578805e5e9d42ebf11aef0d8f6319aa5ecd53dec6ea7f6bf5fe85f8277 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81197a578805e5e9d42ebf11aef0d8f6319aa5ecd53dec6ea7f6bf5fe85f8277
Size

63KB
MD5

1a6db204116d561fa18fd344f9f91a20
SHA1

4ba6cae751cad3d09931e037ab5b85cbc49465c4
SHA256

81197a578805e5e9d42ebf11aef0d8f6319aa5ecd53dec6ea7f6bf5fe85f8277
SHA512

12430e6fa5aa93ad1b87d15f8aeda5d17f457a81e3bb3b73b13aed37bd0567b5a0ca7ca2a90816d892792451c8edbae1a7f77577eb759786f4d0050cfdc017a7
SSDEEP

1536:4gouAVMUqOZDKohxyMN/HXbhQsQ6Ejbkshcp:dkVOOgQxyMN/XKsQjbksG

Score

N/A

Malware Config

Signatures

Files

81197a578805e5e9d42ebf11aef0d8f6319aa5ecd53dec6ea7f6bf5fe85f8277
.exe windows x86

eaaf14bc0e409e8bc252c940de1bcac5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetCurrentDirectoryW
GetFullPathNameW
FindClose
GetModuleHandleA
ReadConsoleW
CreateSemaphoreA
GetFullPathNameW
Sleep
CreateEventA
GetVolumePathNameW
FindClose
CopyFileA
HeapCreate
CreateMailslotA
CreateFileMappingA
SetVolumeLabelA
CreateFileA
GetModuleHandleW
GetEnvironmentVariableW
CreatePipe
FindClose
VirtualFree

mshtml

PrintHTML
DllCanUnloadNow
ShowModalDialog
DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ