7b17f5de104141dae055cc880ecd10491438d03651d36fc36fda5c3456d733d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b17f5de104141dae055cc880ecd10491438d03651d36fc36fda5c3456d733d8
Size

113KB
MD5

b364676e6f2d0e8cf384c5b59f2311da
SHA1

642ae47b784f7986c00c1686144ec8411cd92205
SHA256

7b17f5de104141dae055cc880ecd10491438d03651d36fc36fda5c3456d733d8
SHA512

c9485a44e1e8a120517be84b585e8ef7bff7059ac86b7f2c20a0da5f040dca56f7a808246e43b7a79d766b710fecd20a26a262130a8ffe976394fdb9df2743da
SSDEEP

3072:RpVrdAvZRWBat8Uf5OGeuc+cMjg+ICkoS3:3wD4UoGeJ+xg3CkoS

Score

N/A

Malware Config

Signatures

Files

7b17f5de104141dae055cc880ecd10491438d03651d36fc36fda5c3456d733d8
.exe windows x86

87ba06867f2a035f1048f8b5f417d1d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetModuleFileNameA
lstrcmpiA
GetVolumePathNameA
WaitForSingleObject
GetStdHandle
lstrcmpiA
HeapCreate
CreateMailslotA
CreateNamedPipeA
lstrlenA
GetLogicalDriveStringsA
SuspendThread
SetLastError
lstrcmpiA
lstrcmpiA
GetProcessHeap
Sleep
GetDriveTypeW
GetModuleHandleA
lstrcmpiA
DeleteFileA
FileTimeToLocalFileTime

rasdlg

DwTerminalDlg
RouterEntryDlgA
RasDialDlgA
RasEntryDlgA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ