4354d682c119eca6f1fcbf160093b5d40674ecd84401375a15415a476b5d73c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4354d682c119eca6f1fcbf160093b5d40674ecd84401375a15415a476b5d73c0
Size

58KB
MD5

a98adb49843268e1da7b307184255d62
SHA1

09f7f67d93f065ec45f48e9124b78685facc1300
SHA256

4354d682c119eca6f1fcbf160093b5d40674ecd84401375a15415a476b5d73c0
SHA512

e06be1d4f29aff2c609590f689c8bcfa970ae099487f1000f66a11a739de68ada0baaa3fea4d198ba0fd80263f0468ad2b51e4fe9c9fa5c52e06fd958635e5b2
SSDEEP

1536:ZWhnwXJeTmYUCXqZqDXdTVq5dTHLIDMnZD:ZW+XcFSwD905lCM

Score

N/A

Malware Config

Signatures

Files

4354d682c119eca6f1fcbf160093b5d40674ecd84401375a15415a476b5d73c0
.exe windows x86

bebc9fd4a0ee5402053cb9c28f115b64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetProcessHeap
lstrcmpiA
CreateMailslotA
lstrcmpiA
GetVolumePathNameW
lstrcmpiA
GetModuleHandleA
DeleteFileA
OpenMutexA
GetDriveTypeW
GetStdHandle
lstrcmpiA
CreateNamedPipeW
SetLastError
HeapCreate
FileTimeToLocalFileTime
GetModuleFileNameA
lstrcmpiA
Sleep
lstrlenA
GetLogicalDriveStringsW
IsValidLocale

scecli

SceSysPrep
InitializeChangeNotify
DeltaNotify
SceOpenPolicy

Sections

.text
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ