1a3f254351c4d9bd865ca42c964b4e6be6aa2db3883bc936289274d5d78f9476 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a3f254351c4d9bd865ca42c964b4e6be6aa2db3883bc936289274d5d78f9476
Size

301KB
MD5

7beefc795e6376e37af658680b87a8af
SHA1

8a209de800dd394543b102cb92644bfe09c84f72
SHA256

1a3f254351c4d9bd865ca42c964b4e6be6aa2db3883bc936289274d5d78f9476
SHA512

4977026e3a48d15f916cad9e532696189dddc04754cbdc12004e12bac714a22fdc701bbf9c89ffcdef86825c980cf3dc181fd76b9c0b5b3a06b473440a39120d
SSDEEP

6144:3TJuRjCGkUwC2jCdy1NPR5AlT0pvpmMUC22uCab+:C6G2AiR5Ad0KzZj

Score

N/A

Malware Config

Signatures

Files

1a3f254351c4d9bd865ca42c964b4e6be6aa2db3883bc936289274d5d78f9476
.exe windows x86

c2f3225672e61f9915441e54c7c74884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
HeapCreate
lstrcmpiA
lstrcmpiA
CreateNamedPipeW
FileTimeToLocalFileTime
Sleep
GetDriveTypeW
GetVolumePathNameW
DeleteFileA
lstrcmpiA
lstrcmpiA
CreateMailslotA
SetLastError
lstrlenA
OpenMutexA
GetModuleHandleA
IsValidLocale
GetModuleFileNameA
GetStdHandle
GetProcessHeap
lstrcmpiA
GetLogicalDriveStringsW

scecli

SceOpenPolicy
SceSysPrep
InitializeChangeNotify
DeltaNotify

Sections

.text
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ