17e1856cef26a4bec6821b037e48189fdb83f0a3a6a461cf1623b5832eb1bee7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17e1856cef26a4bec6821b037e48189fdb83f0a3a6a461cf1623b5832eb1bee7
Size

124KB
MD5

2a4f1deab4a8cc91dada47fd4d4902e0
SHA1

3aa0c1fdf28bb90809a3d9e9e4bceb8bc149ceb1
SHA256

17e1856cef26a4bec6821b037e48189fdb83f0a3a6a461cf1623b5832eb1bee7
SHA512

165998420aac4796e25e5704df4bfb42f8a0bd9434f6c81a90070ad2795396ec6f6d0514e7a93fa6f702ceed0eca4cbdce7a7fed02f39733620bea85cd96d4c3
SSDEEP

1536:VKb5+Y3EmRVp6VOuY4J8GCdMtXA2iFbqUpG+GXldwF22MECluKy7PNQIDCOwDJMh:V1Y8OuAGqoXYbQdwL+c+oOF

Score

N/A

Malware Config

Signatures

Files

17e1856cef26a4bec6821b037e48189fdb83f0a3a6a461cf1623b5832eb1bee7
.exe windows x86

1c57335c9b15fdd76b49dfcd83cc7a90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
lstrcpyW
lstrcpyW
GetMailslotInfo
SetCurrentDirectoryA
GetLocaleInfoA
IsValidLocale
lstrlenW
GetProcessHeap
DeleteFileA
lstrcpyW
GetStartupInfoW
SetLastError
GetStdHandle
lstrcpyW
FileTimeToLocalFileTime
SetConsoleTitleA
GetModuleHandleA
GetCommState
VirtualAllocEx
CreateEventA
GetVolumePathNameW
lstrcpyW

termmgr

DllGetClassObject
DllCanUnloadNow
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ