1a364f6e138ba6b128d27bb1515507014ca6a02cc7a4a3cc876873cb6a8a9ad5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a364f6e138ba6b128d27bb1515507014ca6a02cc7a4a3cc876873cb6a8a9ad5
Size

506KB
MD5

0cdb0619868946a85206053cfa40a590
SHA1

168713745977c0c379aadc0ba6bb8707ed293040
SHA256

1a364f6e138ba6b128d27bb1515507014ca6a02cc7a4a3cc876873cb6a8a9ad5
SHA512

3a654cdb8638ae40ddf872d1578636865a15a6034a6fd8c2a7e9d19a963df9ed0f4b113d3340c0a81594cb51718d88abc9fd6f7099be4f9ac7e3687e5d34cc7d
SSDEEP

6144:reEyFl6mg3fCsWgPCJTGT41PFZ7f9EzkIGdKThTKnaVPh9sR9Qku4Qa9IpeamcPK:yF6m2fpRPkTk0PFZPIGd1QoaXDo/69K

Score

N/A

Malware Config

Signatures

Files

1a364f6e138ba6b128d27bb1515507014ca6a02cc7a4a3cc876873cb6a8a9ad5
.exe windows x86

29430aad8c0f6131d6222e2920566d00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
DeleteFileA
Sleep
CreateEventA
IsValidLocale
VirtualAllocEx
LoadLibraryA
GetVolumePathNameW
lstrcpyA
GetStartupInfoA
CreateNamedPipeW
lstrlenW
lstrcpyA
GetLogicalDriveStringsW
GetCommState
GetProcessHeap
GetModuleFileNameA
GetConsoleAliasW
FileTimeToLocalFileTime
lstrcpyA
SetLastError
lstrcpyA
GetStdHandle

tapi3

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 496KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE