49c8eae1a98c213242475509fe92954d5fbdeaca42673bfc0db2e6e48016b688 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49c8eae1a98c213242475509fe92954d5fbdeaca42673bfc0db2e6e48016b688
Size

806KB
MD5

f0c1ed05e7e41302f12e496f87295be9
SHA1

5a3186c3f09965f47063e7ef492a3614e617882e
SHA256

49c8eae1a98c213242475509fe92954d5fbdeaca42673bfc0db2e6e48016b688
SHA512

c52dfad84943a0b10ebc2316d293134c02f4aecfabc195962bb5de534cdb08539854b1240927e9d2d9f8f12adb54de9ce2ac670d389cf937b27af2918808b2f2
SSDEEP

24576:WYhtsq+oENATgYyrTR7YbqY3FweKnFRohLm:WYhmGTgY6wRKHohq

Score

N/A

Malware Config

Signatures

Files

49c8eae1a98c213242475509fe92954d5fbdeaca42673bfc0db2e6e48016b688
.exe windows x86

d384bc8159011a8156f2ccd27223ede4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrcpyW
SetLastError
VirtualAllocEx
GetStdHandle
DeleteFileA
CreateEventA
lstrcpyW
GetModuleHandleA
GetCommState
lstrcpyW
GetStartupInfoW
GetMailslotInfo
lstrlenW
FileTimeToLocalFileTime
GetModuleFileNameA
GetProcessHeap
GetLocaleInfoA
SetCurrentDirectoryA
lstrcpyW
GetVolumePathNameW
SetConsoleTitleA
IsValidLocale

termmgr

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ