473974dda479d3053e1e295aca5527b80eb2889acf6619de5cbbcc6be605efa9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

473974dda479d3053e1e295aca5527b80eb2889acf6619de5cbbcc6be605efa9
Size

59KB
MD5

3f4732d8bf1b652a288c19dbf18d5f7b
SHA1

a8e596ac09c04a1ab96fb74a93220be659783998
SHA256

473974dda479d3053e1e295aca5527b80eb2889acf6619de5cbbcc6be605efa9
SHA512

b961100d31ba2d175d31188cfa497ef6342040ef80186c2b8f3f27a550a7ec172aa5f411afe4e411da796d03551a31dcdc03a938d70aaceab32e619c3cf94205
SSDEEP

1536:tRCol0stH+tKmAxhXMcrrJkLp8Rfon8bgcOz5jp3U3nR0k:tRCbstetIjXTrJkdQVQU3

Score

N/A

Malware Config

Signatures

Files

473974dda479d3053e1e295aca5527b80eb2889acf6619de5cbbcc6be605efa9
.exe windows x86

f9b0815360bdd6d4ec8f7e3a69c7fe68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SetLastError
lstrcmpiA
GetStdHandle
lstrcmpiA
SuspendThread
lstrcmpiA
HeapCreate
CreateMailslotA
IsValidLocale
GetLogicalDriveStringsA
GetDriveTypeW
GetModuleFileNameA
lstrcmpiA
FileTimeToLocalFileTime
lstrlenA
lstrcmpiA
WaitForSingleObject
DeleteFileA
GetModuleHandleA
GetVolumePathNameA
CreateNamedPipeA
GetProcessHeap

riched20

RichEditANSIWndProc
IID_IRichEditOle
CreateTextServices
IID_ITextHost

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sql
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ