19bfc164dab5f287b954e0610376e3a9a2adc269e92351bed6d8396fb42ca57d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19bfc164dab5f287b954e0610376e3a9a2adc269e92351bed6d8396fb42ca57d
Size

299KB
MD5

c79381bc0e54370ec39b0857db2d75b5
SHA1

f92b9276c8bd053370f81cd29b859740d6739c5a
SHA256

19bfc164dab5f287b954e0610376e3a9a2adc269e92351bed6d8396fb42ca57d
SHA512

77567e32bd42eb7a426c17035632e2e1c863ace338d19cb82fbe89df442b8a3813d0390f1bf423256c2f5459a641fb08981badb54c3dfb45be844d253354f5c1
SSDEEP

6144:/cHVuR9SmYdhIhZV9z/bYjbdyGRGLE6WDMtqQyoNkcds:9gzv+V9z/+pyGRsE6WDMrtds

Score

N/A

Malware Config

Signatures

Files

19bfc164dab5f287b954e0610376e3a9a2adc269e92351bed6d8396fb42ca57d
.exe windows x86

579e0ffb291cc19aa232181ccf04e0e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrcmpiA
GetModuleFileNameA
CreateMailslotA
lstrcmpiA
FileTimeToLocalFileTime
DeleteFileA
lstrcmpiA
IsValidLocale
GetStdHandle
GetVolumePathNameA
CreateNamedPipeA
GetDriveTypeW
GetModuleHandleA
SuspendThread
lstrlenA
lstrcmpiA
SetLastError
GetLogicalDriveStringsA
HeapCreate
GetProcessHeap
Sleep
WaitForSingleObject

riched20

CreateTextServices
IID_IRichEditOle
RichEditANSIWndProc
IID_ITextHost

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srt
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ