358b947ecfd00909e7416e73c88064584a7dbc95e4b10b287563687692765764 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

358b947ecfd00909e7416e73c88064584a7dbc95e4b10b287563687692765764
Size

299KB
MD5

22ac7a9673686bd8aedb7d4025f88983
SHA1

5704776de89297166e5621fac7bde210a1f2440e
SHA256

358b947ecfd00909e7416e73c88064584a7dbc95e4b10b287563687692765764
SHA512

da087c2663c657bd7c2922bd6cefdfb54a09d0da18f29819953b0f648cbacf47a6a906978d403f75d121d169450e95697f14fd7044aa10ef23960685e78a7a22
SSDEEP

6144:B42uRzWKDR5H6Y00T3kD2XjmsbwBPTm+vED0dLJWjG4g1b:yFKCUY0iK/J1y8dlCG9

Score

N/A

Malware Config

Signatures

Files

358b947ecfd00909e7416e73c88064584a7dbc95e4b10b287563687692765764
.exe windows x86

620728cdbcf8cef3ee8027bb5466f1d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
HeapCreate
GetDriveTypeW
WaitForMultipleObjects
OpenMutexA
Sleep
CreateMailslotA
lstrcmpiA
GetModuleFileNameA
GetLogicalDriveStringsW
SetLastError
GetVolumePathNameW
GetProcessHeap
lstrcmpiA
lstrcmpiA
IsValidLocale
lstrcmpiA
FileTimeToLocalFileTime
lstrlenA
GetModuleHandleA
GetStdHandle
CreateNamedPipeW
lstrcmpiA

scecli

SceOpenPolicy
InitializeChangeNotify
DeltaNotify
SceSysPrep

Sections

.text
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ