7587abbbe2b3e677809ecda6063d3844ad4c3b1bf9b308753507b895ad76b759 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7587abbbe2b3e677809ecda6063d3844ad4c3b1bf9b308753507b895ad76b759
Size

806KB
MD5

45c9de14d0fa2afeafab6f6c05b06049
SHA1

2e354b740bdb1643df4c70029e62f188a489e7d8
SHA256

7587abbbe2b3e677809ecda6063d3844ad4c3b1bf9b308753507b895ad76b759
SHA512

3e0ae883341eb300ff5edc75b576f755c5587ba374e241d448b669b31d7d211cc1eb7e1c1227249b30f3173f7dfa4c123bb2f449873a6d358e39a3888212c72f
SSDEEP

12288:dtffkIoLmQ/vd+D/w2V/2qYizWsgxotmtbRzjuudOwKuIqCZzMvlRBxdPA7t8ZrR:dMDkNzWsg2tcJjuudiuI5MvZYR8T/PR

Score

N/A

Malware Config

Signatures

Files

7587abbbe2b3e677809ecda6063d3844ad4c3b1bf9b308753507b895ad76b759
.exe windows x86

9ea4cbdb50e9a88f9d84df86fc7b3ac6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
FileTimeToLocalFileTime
GetProcessHeap
SetLastError
GetCommState
DeleteFileA
GetVolumePathNameW
GetStartupInfoW
lstrcpyW
lstrlenW
lstrcpyW
GetMailslotInfo
IsValidLocale
SetConsoleTitleA
lstrcpyW
SetCurrentDirectoryA
GetModuleFileNameA
lstrcpyW
GetModuleHandleA
GetLocaleInfoA
VirtualAllocEx
GetStdHandle
lstrcpyW

termmgr

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ