221958879d048030d882ac8abe2f6276604388c2d15d06e69f43b0e16205d9b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

221958879d048030d882ac8abe2f6276604388c2d15d06e69f43b0e16205d9b1
Size

58KB
MD5

5dd9ad6a392a156c3c9b1d67bf080853
SHA1

63dd583f60b50698df45ddcdeca3636a0c616071
SHA256

221958879d048030d882ac8abe2f6276604388c2d15d06e69f43b0e16205d9b1
SHA512

5589dc8d7d5abca90fda345dc8a59ca7da2f4b31ed7d00f44a75f5e72364ef1ec2132d0113418f3e9d4cc3ac5d490dcc7496dcae6161f94e71356f1a2caa75ba
SSDEEP

768:Zl2n5x2mGMeD0j0KlHEFWlKbU//cqOcQxZMObD1+dpJUeMyydQOYmOBRy5naz8Gc:D2GmOfWYWluUnwxJbR8UeMyDOPOHy6

Score

N/A

Malware Config

Signatures

Files

221958879d048030d882ac8abe2f6276604388c2d15d06e69f43b0e16205d9b1
.exe windows x86

205d20a24712b4b64b02624d8adb1a4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
Sleep
lstrcmpiA
DeleteFileA
HeapCreate
GetVolumePathNameA
lstrlenA
WaitForSingleObject
IsValidLocale
lstrcmpiA
GetModuleFileNameA
FileTimeToLocalFileTime
GetLogicalDriveStringsA
GetModuleHandleA
lstrcmpiA
CreateMailslotA
CreateNamedPipeA
lstrcmpiA
SetLastError
SuspendThread
GetStdHandle
GetProcessHeap
GetDriveTypeW

rastls

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ