12842646b7991b602efe9180a67b1eeed70e315fb5d627e958f4274fd7574522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12842646b7991b602efe9180a67b1eeed70e315fb5d627e958f4274fd7574522
Size

303KB
MD5

6f615b97f2658d82d0fbfaf973e5a690
SHA1

392f608e25d9b792c909d97253c47106e6d33215
SHA256

12842646b7991b602efe9180a67b1eeed70e315fb5d627e958f4274fd7574522
SHA512

a1e8067b3adb1b2ad6352acc052d278fc26111606f4fbac00d4348927010189ca704d68be14a6806809c6950573bc35e9259bfff3aef448d9459b5e9fa22482a
SSDEEP

6144:8X5ddcbBWbm6p7bQ3t2oDbgSrJrXY8ts3pAeH6XNwIDPVPr:Y5ddcbBKvcd2cbx1LS3CeHE7LV

Score

N/A

Malware Config

Signatures

Files

12842646b7991b602efe9180a67b1eeed70e315fb5d627e958f4274fd7574522
.exe windows x86

0259df1f62e505b393f4ebc68e67452f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcessHeap
lstrcpyW
lstrcpyW
lstrlenW
lstrcpyW
GetLocaleInfoA
GetCommState
GetStdHandle
FileTimeToLocalFileTime
DeleteFileA
lstrcpyW
lstrcpyW
LoadLibraryA
SetLastError
GetStartupInfoA
GetConsoleAliasW
GetMailslotInfo
VirtualAllocEx
GetVolumePathNameW
IsValidLocale
CreateEventA
GetLogicalDriveStringsW

tapi3

DllCanUnloadNow
DllUnregisterServer
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ADATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE