5c910d5441d1a50c01c6f81f7d6dcb775b725baeda0e620b13d140d144a857e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c910d5441d1a50c01c6f81f7d6dcb775b725baeda0e620b13d140d144a857e8
Size

300KB
MD5

42798719b5781a5fee6131c3496a6b88
SHA1

dae61b505634ec30a9732422f9aa069eed16e1d4
SHA256

5c910d5441d1a50c01c6f81f7d6dcb775b725baeda0e620b13d140d144a857e8
SHA512

63aa6e986c0d23a904081cea5beb1ecb77d130feeb84257104ce69e117b630f615f621d6e375356c1aa43b87646793e1ad557dc32e2e72fad50275803d09cbf1
SSDEEP

6144:qhRRdcbBWWTV8GtbTHJu16om+eIMRNIXeVKhPYi1SKDvBCbEUmqQSVGxwIkq1:QvdcbBHmE3pms+e9CjhPV1SYVUmqQSgh

Score

N/A

Malware Config

Signatures

Files

5c910d5441d1a50c01c6f81f7d6dcb775b725baeda0e620b13d140d144a857e8
.exe windows x86

f5f33ab3321c9f5246ddf2178858ff93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
lstrcmpiW
lstrcmpiW
DeleteFileA
lstrcmpiW
GetProcessHeap
FileTimeToLocalFileTime
SetLastError
IsValidLocale
lstrcmpiW
CreateMailslotW
lstrlenW
Sleep
CreateNamedPipeW
GetModuleHandleA
GetStartupInfoA
GetVolumePathNameW
GetLogicalDriveStringsW
GetModuleFileNameA
HeapCreate
GetConsoleAliasW
GetCommState
lstrcmpiW

sqlunirl

wsprintf_
_CallMsgFilter_@8
_AppendMenu_@16
AbortSystemShutdown_

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ