3461815ea479ccfc6d3a6657fad2de39046f7c400536dbd59de22b1e252e9ee6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3461815ea479ccfc6d3a6657fad2de39046f7c400536dbd59de22b1e252e9ee6
Size

58KB
MD5

f443aa9def42d270d1ad802ee65c68b8
SHA1

dae998510658527ff6b6caddb599c364c15e87dd
SHA256

3461815ea479ccfc6d3a6657fad2de39046f7c400536dbd59de22b1e252e9ee6
SHA512

ab0aca4f9e7d422207e7a1b68e63a038e3850f8a59084302030521024de4b282a5c68102714bf040e21430671a3b2026cc17db792c6f110698b5e1fece027cff
SSDEEP

1536:gGgXsF0lnkqPe7uUvq+0UiHRBnU55+UsLQ:AcF0V2Bq+niHRBw+

Score

N/A

Malware Config

Signatures

Files

3461815ea479ccfc6d3a6657fad2de39046f7c400536dbd59de22b1e252e9ee6
.exe windows x86

705bf654505f1296ea8f44a06fb1e6e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetLogicalDriveStringsA
GetProcessHeap
OpenMutexA
DeleteFileA
HeapCreate
lstrcmpiA
IsValidLocale
lstrcmpiA
SetLastError
lstrcmpiA
CreateMailslotA
lstrcmpiA
WaitForMultipleObjects
lstrcmpiA
GetDriveTypeW
GetVolumePathNameA
GetModuleHandleA
lstrlenA
FileTimeToLocalFileTime
Sleep
CreateNamedPipeA
GetModuleFileNameA

scecli

InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ