3a5e1a4bcbf79a75d94e63bbd0743e6f075cfd1617559b350331cf05a0edb622 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a5e1a4bcbf79a75d94e63bbd0743e6f075cfd1617559b350331cf05a0edb622
Size

58KB
MD5

51136ea85b63c91948d8a22b8bc56a71
SHA1

c0dc48ce5c0a2adb62514b346ea1f8ab4f5cd886
SHA256

3a5e1a4bcbf79a75d94e63bbd0743e6f075cfd1617559b350331cf05a0edb622
SHA512

79e6b7eef960d6e3073b9fe92124bf74f77dfec6019b803fa8603fa5d1ca6d5abfbae4f6f6b7dd4ac54234984621393772196204e63bddd7bd121b90a7a0a0d8
SSDEEP

1536:94qiqfE+m/lEGEZpZYMf1p1au26qRrRiri5YZD:94rO8/lEb7vNQBR

Score

N/A

Malware Config

Signatures

Files

3a5e1a4bcbf79a75d94e63bbd0743e6f075cfd1617559b350331cf05a0edb622
.exe windows x86

7163897bde4ed6be4df4473fccb83d93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
WaitForMultipleObjects
FileTimeToLocalFileTime
GetVolumePathNameW
lstrlenA
HeapCreate
IsValidLocale
GetModuleHandleA
CreateNamedPipeW
GetStdHandle
OpenMutexA
GetLogicalDriveStringsW
Sleep
CreateMailslotA
lstrcmpiA
GetModuleFileNameA
lstrcmpiA
lstrcmpiA
GetProcessHeap
lstrcmpiA
DeleteFileA
lstrcmpiA
SetLastError

scecli

DeltaNotify
SceOpenPolicy
SceSysPrep
InitializeChangeNotify

Sections

.text
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ