59320ac2b1ce32aef76f2d49d3d15efc699df1fae6bca8c76db739e8804b3621 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59320ac2b1ce32aef76f2d49d3d15efc699df1fae6bca8c76db739e8804b3621
Size

59KB
MD5

55148d72d9589112a79042a8be66218b
SHA1

e156e26010751da6a0db6b268ebd62ce7eb7e670
SHA256

59320ac2b1ce32aef76f2d49d3d15efc699df1fae6bca8c76db739e8804b3621
SHA512

5cf7126fcc3c4f1a454425ea8149be5d27ee2bae9313668d4bae1b43df78aa20a4067fb015c4f15579dda84c107dce9325f5bd8012fa0603ba99deaed924cd3b
SSDEEP

1536:1e5qhLfait0IoarP6OraPAztV8EOxtg5s2eASD3lZy+37:05qhGgCsP6WaPAgtQ/qCE

Score

N/A

Malware Config

Signatures

Files

59320ac2b1ce32aef76f2d49d3d15efc699df1fae6bca8c76db739e8804b3621
.exe windows x86

29091f1ac770caac8890f10e0929d4a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetLogicalDriveStringsA
WaitForSingleObject
GetDriveTypeW
lstrcmpiA
CreateNamedPipeA
lstrlenA
IsValidLocale
DeleteFileA
FileTimeToLocalFileTime
GetProcessHeap
lstrcmpiA
GetStdHandle
GetModuleHandleA
GetVolumePathNameA
HeapCreate
CreateMailslotA
lstrcmpiA
Sleep
GetModuleFileNameA
SetLastError
SuspendThread
lstrcmpiA

scecli

InitializeChangeNotify
SceSysPrep
SceOpenPolicy
DeltaNotify

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ