394c5631339c44fc0d3b3a52e440a3b96e1b8a0aa6f09f389bd43fbdd926f36c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

394c5631339c44fc0d3b3a52e440a3b96e1b8a0aa6f09f389bd43fbdd926f36c
Size

303KB
MD5

6a2f31d8c19bebde9c2f73e5c511253a
SHA1

3dc6c3d3e8c251fbee9d20abf7898e151c430de2
SHA256

394c5631339c44fc0d3b3a52e440a3b96e1b8a0aa6f09f389bd43fbdd926f36c
SHA512

2d575c52f20b3a47c2ed2a25976f0b7f44c0d42755e17b3e038c9922bfae448fc047da103a5fe4f60959f2cf32edfac9cbe58856c627cd2c1f787370fbfb8c65
SSDEEP

6144:4o2Eo0dcbBWINR+XmDeyiV48YLcj6f42+FTJCAkwE8BqOn5FLM92x1:9O0dcbBvz+XmDeycfbjs4bFsAm+pn5Za

Score

N/A

Malware Config

Signatures

Files

394c5631339c44fc0d3b3a52e440a3b96e1b8a0aa6f09f389bd43fbdd926f36c
.exe windows x86

a1eebb6267685464912412c49f8c760c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
IsValidLocale
GetCommState
GetVolumePathNameW
Sleep
CreateNamedPipeW
FileTimeToLocalFileTime
GetStdHandle
GetLogicalDriveStringsW
lstrcmpiW
GetModuleHandleA
lstrcmpiW
lstrcmpiW
GetModuleFileNameA
GetStartupInfoA
lstrlenW
GetProcessHeap
HeapCreate
CreateMailslotW
GetConsoleAliasW
SetLastError
lstrcmpiW
lstrcmpiW

sqlunirl

_AppendMenu_@16
AbortSystemShutdown_
wsprintf_
_CallMsgFilter_@8

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ