0b5a6e20447a35cf262ec670e9d25260cfb6560941519516264950231ea3692f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b5a6e20447a35cf262ec670e9d25260cfb6560941519516264950231ea3692f
Size

808KB
MD5

ba05eaaa5c75b22ff52c8679c2e03798
SHA1

a3867f401a41aa042d802bbe077635c760065e79
SHA256

0b5a6e20447a35cf262ec670e9d25260cfb6560941519516264950231ea3692f
SHA512

c93a1db5123444ebe457237521fd9c35fdd4539e9bf3d34af04b4346b2908bcdd875c771f719a18d277c12c624e58aee46cf7cd1b85adbe85bfe8ec8f1e2f163
SSDEEP

12288:L+ipA9dsymdwXaf5nN5z4Mdesyfoneyrfn4c9tfB1wLxXTHisfkcSjjA7RJMbCki:rqhGpzkMIs+one9gwFfkrMcbzwdpH

Score

N/A

Malware Config

Signatures

Files

0b5a6e20447a35cf262ec670e9d25260cfb6560941519516264950231ea3692f
.exe windows x86

51afb0dce818ad365dd1d94367538fa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetModuleFileNameA
lstrcpyW
lstrcpyW
GetLogicalDriveStringsW
lstrcpyW
GetStdHandle
IsValidLocale
SetLastError
FileTimeToLocalFileTime
GetConsoleAliasW
CreateEventA
DeleteFileA
lstrcpyW
VirtualAllocEx
GetMailslotInfo
GetCommState
LoadLibraryA
GetLocaleInfoA
GetStartupInfoA
lstrcpyW
lstrlenW
GetVolumePathNameW

tapi3

DllGetClassObject
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 799KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE