11ef7121db071564889a52dd7c8aa4e17e866b5dada19f1a116eb6366f130c0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11ef7121db071564889a52dd7c8aa4e17e866b5dada19f1a116eb6366f130c0c
Size

113KB
MD5

8203e6e637cd4ae814d985935b01631a
SHA1

63d4fb6c80750823b85872599b974a610be7de78
SHA256

11ef7121db071564889a52dd7c8aa4e17e866b5dada19f1a116eb6366f130c0c
SHA512

dd111ad46011f2e98153746b15c33bd9d3b691b14b9d93757bdf209d22c5ad44636ddf2935373d64ea1816581f7def6d01df76a8c89d551581626a18e8b5e4d4
SSDEEP

1536:RS424KwgEdH7mgN2x2XOBvo202CDp/eJIJiS7+vd9xobrBgnBdrbu9hG:A7gsx2+Bv723JinvdrirB4Bdry

Score

N/A

Malware Config

Signatures

Files

11ef7121db071564889a52dd7c8aa4e17e866b5dada19f1a116eb6366f130c0c
.exe windows x86

ff72aea4fcaf887cb07f97661608d334

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetProcessHeap
lstrcmpiA
GetModuleHandleA
FileTimeToLocalFileTime
SetLastError
GetLogicalDriveStringsA
lstrlenA
Sleep
IsValidCodePage
GetDriveTypeW
CreateMailslotA
CreateNamedPipeA
WaitForSingleObject
SuspendThread
DeleteFileA
HeapCreate
GetStdHandle
lstrcmpiA
lstrcmpiA
lstrcmpiA
GetModuleFileNameA
GetVolumePathNameA

rasdlg

RasEntryDlgA
DwTerminalDlg
RouterEntryDlgA
RasDialDlgA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ