5836c96cd6386737dfc149a2ef27489b78992ffa6f6bdd2a1749fdc584188793 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5836c96cd6386737dfc149a2ef27489b78992ffa6f6bdd2a1749fdc584188793
Size

58KB
MD5

32f3f30b3464575d28eb1469f5e186e0
SHA1

554e76af9c3cc88f08d889100e48d7257d91ff47
SHA256

5836c96cd6386737dfc149a2ef27489b78992ffa6f6bdd2a1749fdc584188793
SHA512

7cd33d68746654bf72b1020577b6dfde3cf2b301db0d86b3abddcc942d3ec74c359d231d26ca04e85dcd87ce02ee44260bb712fd17d6def526c99895461c49d5
SSDEEP

1536:2v4gPwjk7LgM9kAN2lNmR31SC+I7VfuypeQ8zjcxCIau:K4gPwj1M9RQN631fVWFjcxCIa

Score

N/A

Malware Config

Signatures

Files

5836c96cd6386737dfc149a2ef27489b78992ffa6f6bdd2a1749fdc584188793
.exe windows x86

41b7e2149db33a23ea637d568b8bd1ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateWaitableTimerW
lstrcmpiA
GetLogicalDrives
lstrcmpiA
GetDriveTypeA
GetStdHandle
lstrcmpiA
GetProcessHeap
HeapCreate
lstrcmpiA
IsValidCodePage
EndUpdateResourceW
SetLastError
GetExitCodeProcess
GetModuleFileNameA
GetBinaryTypeW
GetModuleHandleA
lstrlenA
CreateNamedPipeA
FileTimeToLocalFileTime
SuspendThread
lstrcmpiA

printui

PnPInterface
bFolderRefresh
ConstructPrinterFriendlyName
bPrinterSetup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 643B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE