1c4c426e1188febb5f96e79107bba5abc7e306b36f309af4d23ed8f0beb8a60b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c4c426e1188febb5f96e79107bba5abc7e306b36f309af4d23ed8f0beb8a60b
Size

301KB
MD5

88da6af3faa9e5b286dc68054434ef1b
SHA1

b1d6d9526483e890ecfbeaaa87e752bb6c8556c0
SHA256

1c4c426e1188febb5f96e79107bba5abc7e306b36f309af4d23ed8f0beb8a60b
SHA512

2e6135753b65ca465c5dc41ed4097323538b62d27ea1cf5db0b52288390c2f2574bbdc76914b52d37cf3bc15c29c12aa92965fdec426fbea2ef295eb8dec6a81
SSDEEP

6144:GcdcbBWnnpIdvqB2oSwYypDBPgOwJnoyLQ8qkF:/dcbBqnpIdvpCZLwtLQ8XF

Score

N/A

Malware Config

Signatures

Files

1c4c426e1188febb5f96e79107bba5abc7e306b36f309af4d23ed8f0beb8a60b
.exe windows x86

595f853872851e1049d9ca5c3adae46c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
lstrcmpiW
CreateNamedPipeW
GetConsoleAliasA
HeapCreate
GetCommState
GetStartupInfoA
CreateMailslotW
lstrcmpiW
Sleep
lstrcmpiW
GetModuleHandleA
SetLastError
GetStdHandle
GetVolumePathNameW
FileTimeToLocalFileTime
GetModuleFileNameA
DeleteFileA
lstrcmpiW
lstrcmpiW
IsValidLocale
GetLogicalDriveStringsW
lstrlenA

scecli

SceSysPrep
DeltaNotify
SceOpenPolicy
InitializeChangeNotify

Sections

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ