534eafe2f5e0488e316298b5948b6a11d25e26b41d32ef6390a39eafba7d6075 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

534eafe2f5e0488e316298b5948b6a11d25e26b41d32ef6390a39eafba7d6075
Size

58KB
MD5

5659fbedf02245e5d7b0bbcf8ec47dda
SHA1

48cde544b6bbfd98b8bed2cfc7437da365e0d4ab
SHA256

534eafe2f5e0488e316298b5948b6a11d25e26b41d32ef6390a39eafba7d6075
SHA512

11725d49e0fad801369db1e75777811f5a7840fe22c744f3067ec2e6bc0d1d19832bca3298974d00412c7b4a9d4694a57c9ee64bbe74d94d908b6a85d61d0fe3
SSDEEP

1536:r1WzTpFbhlKC2dqn6b2pkGqg8nRDHQmmItQG+57/6UI:r12lL2wn8UMnFNP+t

Score

N/A

Malware Config

Signatures

Files

534eafe2f5e0488e316298b5948b6a11d25e26b41d32ef6390a39eafba7d6075
.exe windows x86

47194f68777550426a236adb6d028907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetModuleHandleA
lstrcmpiA
HeapCreate
CreateMailslotA
lstrcmpiA
WaitForSingleObject
GetStdHandle
DeleteFileA
lstrlenA
GetModuleFileNameA
SetLastError
lstrcmpiA
SuspendThread
GetVolumePathNameA
CreateNamedPipeA
Sleep
lstrcmpiA
lstrcmpiA
GetLogicalDriveStringsA
GetDriveTypeW
FileTimeToLocalFileTime
IsValidLocale

rastls

DllGetClassObject
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ