4b1adf03f40c99acaee925b24b5a9d0e3022ea8e8b20b0497cc2736dd9440796 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b1adf03f40c99acaee925b24b5a9d0e3022ea8e8b20b0497cc2736dd9440796
Size

118KB
MD5

811e072b7ea1000fd13292be03040a89
SHA1

0c1af7aa4124d2ceaf4fd29f71a0abf25c77e468
SHA256

4b1adf03f40c99acaee925b24b5a9d0e3022ea8e8b20b0497cc2736dd9440796
SHA512

af5f1594a22c77a5e3d9413b2a4ee79a2487db8c5ba893ec54b923717874f8550db702abe41cc3c09663efab4cf7a37bc4354c82c41c30f7c56097e28bd78791
SSDEEP

3072:WLoDn84WswgstTOuFvGutVca+Yoajsj9U7/a9hPQW0w:vFPwgoOuJG0ctYLjI9UuDPV

Score

N/A

Malware Config

Signatures

Files

4b1adf03f40c99acaee925b24b5a9d0e3022ea8e8b20b0497cc2736dd9440796
.exe windows x86

74607531e249c5e6893d24058510198d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrcmpiA
CreateNamedPipeA
SetLastError
GetDriveTypeA
GetLogicalDrives
GetModuleHandleA
GetExitCodeProcess
lstrlenA
GetModuleFileNameA
FileTimeToLocalFileTime
CreateWaitableTimerW
SuspendThread
GetProcessHeap
Sleep
lstrcmpiA
GetBinaryTypeW
IsValidCodePage
lstrcmpiA
HeapCreate
EndUpdateResourceW
lstrcmpiA
GetStdHandle

printui

PnPInterface
ConstructPrinterFriendlyName
bPrinterSetup
bFolderRefresh

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE