5e9ce6330a60ea3e66983ab8da8203c363b34e399f533f0d264175b74a4a37fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e9ce6330a60ea3e66983ab8da8203c363b34e399f533f0d264175b74a4a37fb
Size

58KB
MD5

6602d48101d8a940bbbdd17a2e6bb560
SHA1

e4bebf3e65453709aad3f0cabcd159693986e02f
SHA256

5e9ce6330a60ea3e66983ab8da8203c363b34e399f533f0d264175b74a4a37fb
SHA512

3959982ef8e5b8c2657023d7e337644984b739b090602a1c8072ad41029ececf937ca96e73633f92ae45bbdd1bb9c53db07fb9cb2cf55b77a83d1af76d224e1e
SSDEEP

768:pot6s2zDvKfoNGAQsSqw4GprmEXkLyW34Qbl5v2FnhjvSPmBqW5FAv5SQh7Z4ZDc:potSygpS94emqU5blN2FnhGhSk5l4ZD

Score

N/A

Malware Config

Signatures

Files

5e9ce6330a60ea3e66983ab8da8203c363b34e399f533f0d264175b74a4a37fb
.exe windows x86

20f00e73c64aba94fedb91233e99dcbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetStdHandle
SetLastError
GetLogicalDriveStringsW
lstrcmpiA
lstrcmpiA
WaitForMultipleObjects
DeleteFileA
GetModuleFileNameA
GetVolumePathNameW
lstrlenA
CreateNamedPipeW
IsValidLocale
OpenMutexA
FileTimeToLocalFileTime
GetModuleHandleA
HeapCreate
CreateMailslotA
lstrcmpiA
lstrcmpiA
lstrcmpiA
GetDriveTypeW
GetProcessHeap

scecli

InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy

Sections

.text
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ