000ad9110171a5b1f4087e56c409de2ea4c2dfa6b77f5888957269a86f4b15cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

000ad9110171a5b1f4087e56c409de2ea4c2dfa6b77f5888957269a86f4b15cd
Size

808KB
MD5

b9f63489dbf93b78f88f1649971d6659
SHA1

10ee922904337a9b98132f2a3ca2df2dbff609a2
SHA256

000ad9110171a5b1f4087e56c409de2ea4c2dfa6b77f5888957269a86f4b15cd
SHA512

2e28bf183b198775942b97a36862d63a88b1433e20a8e556d54327538879007146ac07af2bb1dcfafb1929d2aa59bd39b65f44578d3073330f647de15db4503d
SSDEEP

12288:8j+ipA9dsymdwXaf5nN5z4Mdesyfoneyrfn4c9tfB1wLxXTHisfkcSjjA7RJMbCx:8jqhGpzkMIs+one9gwFfkrMcbzwdpH

Score

N/A

Malware Config

Signatures

Files

000ad9110171a5b1f4087e56c409de2ea4c2dfa6b77f5888957269a86f4b15cd
.exe windows x86

f7ee17bc434681fd505fd2d73dd5d912

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetStartupInfoA
lstrcpyW
GetConsoleAliasW
GetCommState
LoadLibraryA
GetVolumePathNameW
GetModuleFileNameA
FileTimeToLocalFileTime
VirtualAllocEx
CreateEventA
lstrlenW
GetLogicalDriveStringsW
lstrcpyW
SetLastError
DeleteFileA
GetLocaleInfoA
GetProcessHeap
lstrcpyW
lstrcpyW
IsValidLocale
lstrcpyW
GetMailslotInfo

tapi3

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 799KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE