39b317eab7aa6c7df994a905ab1478b0a8bcca3a4848f68566fde99f498b9ae1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39b317eab7aa6c7df994a905ab1478b0a8bcca3a4848f68566fde99f498b9ae1
Size

301KB
MD5

aeac84fa7e511a7745c1a7c4ce62e004
SHA1

6548462ffe3c62220ee31e1b57ef12be5450a87e
SHA256

39b317eab7aa6c7df994a905ab1478b0a8bcca3a4848f68566fde99f498b9ae1
SHA512

f05782c4ba7e3652c5f8d626472898b2101c8d6cc4df357a875f60bd21297ce23e13bf52f35cc8e08f155ba6b0297dbfbf6059c3004f10f1b3f85ca1a93626c9
SSDEEP

6144:OuMdcbBWvwQcvxXcGchAR8ReDHZZ1DCPALXREgrBCE5QCkgHA:O1dcbBeci5E8UjH1DsA9dtCE6CkgHA

Score

N/A

Malware Config

Signatures

Files

39b317eab7aa6c7df994a905ab1478b0a8bcca3a4848f68566fde99f498b9ae1
.exe windows x86

dc25fff0084964c480aa2a33bdc7ac4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
lstrcmpiW
GetConsoleAliasW
CreateMailslotW
GetVolumePathNameW
FileTimeToLocalFileTime
lstrcmpiW
IsValidLocale
HeapCreate
GetCommState
DeleteFileA
GetModuleFileNameA
lstrlenA
CreateNamedPipeW
GetStdHandle
Sleep
GetModuleHandleA
SetLastError
lstrcmpiW
lstrcmpiW
lstrcmpiW
GetLogicalDriveStringsW
GetProcessHeap

sqlunirl

wsprintf_
_CallMsgFilter_@8
_AppendMenu_@16
AbortSystemShutdown_

Sections

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ