38e521f1515eebf55fba41f9c968d45d701f9ea88f9924a7470958c0a92080b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38e521f1515eebf55fba41f9c968d45d701f9ea88f9924a7470958c0a92080b5
Size

506KB
MD5

3675b00dc268182aab0b04926e770030
SHA1

74a986a12d14805952de96f26c9fc57fced0ecdf
SHA256

38e521f1515eebf55fba41f9c968d45d701f9ea88f9924a7470958c0a92080b5
SHA512

574c2dc9ed3fc38e01e6239b6e54a5f81b320efc059928816e69b32565dc467be166a7df49ac7298f5188e082f1cda7eab24e3402c73d548bb10592c4e0f96b5
SSDEEP

12288:NzozeIo2o0TOw8AHzUvKWv7cG2JRLNKuUnkLsDD4qUSMNUxc:NzozeIro0TsMz5WzrIRLEuaiuDV1MNU

Score

N/A

Malware Config

Signatures

Files

38e521f1515eebf55fba41f9c968d45d701f9ea88f9924a7470958c0a92080b5
.exe windows x86

41e73a49fd428195343d8d3f48d9eb5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
lstrcpyW
lstrlenW
DeleteFileA
lstrcpyW
GetProcessHeap
GetLocaleInfoA
VirtualAllocEx
lstrcpyW
GetStdHandle
GetVolumePathNameW
LoadLibraryA
CreateEventA
GetConsoleAliasW
lstrcpyW
GetCommState
GetStartupInfoA
lstrcpyW
GetLogicalDriveStringsW
GetModuleFileNameA
GetMailslotInfo
SetLastError
FileTimeToLocalFileTime

termmgr

DllUnregisterServer
DllCanUnloadNow
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 496KB - Virtual size: 1016KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ADATA
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE