210b059d82e8d2fbd86c0480375084fa89a83d900a306f8762c2b84b7d7d2e7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

210b059d82e8d2fbd86c0480375084fa89a83d900a306f8762c2b84b7d7d2e7c
Size

58KB
MD5

6d5f828a78c1430b15c52efd7b0b9110
SHA1

bd60a866b55d625fec480369c67087539ef9af20
SHA256

210b059d82e8d2fbd86c0480375084fa89a83d900a306f8762c2b84b7d7d2e7c
SHA512

732467a4521c4a149b151772327eceda097f767583631bbfea37afbec70881988b5e73de758d715977dcfa3c510a15ab60e86833c01216a68bfe605f03b3b0d5
SSDEEP

1536:4Ui1/k7rMwdG7M4yRIFoIGARuO7wHV3ct6wHPhB:M1SKORGoIGApwHp

Score

N/A

Malware Config

Signatures

Files

210b059d82e8d2fbd86c0480375084fa89a83d900a306f8762c2b84b7d7d2e7c
.exe windows x86

b0aa4724f3ae2fe0293efdb92cffcf92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetDriveTypeW
GetStdHandle
GetLogicalDriveStringsA
HeapCreate
IsValidLocale
lstrcmpiA
lstrlenA
Sleep
lstrcmpiA
GetModuleFileNameA
SuspendThread
lstrcmpiA
CreateMailslotA
CreateNamedPipeA
lstrcmpiA
FileTimeToLocalFileTime
WaitForSingleObject
SetLastError
GetProcessHeap
DeleteFileA
GetVolumePathNameA
GetModuleHandleA

rastls

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ