4aa51178c352412cb7372a9f5210839dcfd83e8221b2387f6373afaac4a9a762 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aa51178c352412cb7372a9f5210839dcfd83e8221b2387f6373afaac4a9a762
Size

59KB
MD5

548c3bb8a61c68b84d9530d466da8a80
SHA1

955799611dc23f2b7d804632a7d66353989d27a8
SHA256

4aa51178c352412cb7372a9f5210839dcfd83e8221b2387f6373afaac4a9a762
SHA512

6ff1bc1d5d0543e9df8d78c46ae95838bde7994f73c9040d4f34d87a60336039ecad31bb886d327e5d9ad6e9c570f707be7d0aea4df583c42c9d7618e94a5ab6
SSDEEP

1536:tBHEzzU4kjoKoKru0+9ahUqjeoxn1ayBeijJOj:tBHEzznXKodRwbagnQS

Score

N/A

Malware Config

Signatures

Files

4aa51178c352412cb7372a9f5210839dcfd83e8221b2387f6373afaac4a9a762
.exe windows x86

0a0c6dcac26cee566fd2d5fde401f505

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
SuspendThread
HeapCreate
CreateMailslotA
Sleep
lstrcmpiA
GetVolumePathNameA
GetDriveTypeW
SetLastError
IsValidLocale
lstrlenA
lstrcmpiA
DeleteFileA
FileTimeToLocalFileTime
lstrcmpiA
GetStdHandle
GetLogicalDriveStringsA
GetModuleFileNameA
GetProcessHeap
WaitForSingleObject
GetModuleHandleA
lstrcmpiA
lstrcmpiA

riched20

IID_IRichEditOle
IID_ITextHost
CreateTextServices
RichEditANSIWndProc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sql
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ