0836a25bbff242ed5773036fc5610d7fdc70af137abbc8fd04a350c201bb36e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0836a25bbff242ed5773036fc5610d7fdc70af137abbc8fd04a350c201bb36e5
Size

58KB
MD5

c93cea6b4baf95b553a6184822286662
SHA1

96bc906e8027d0ef7944074ec47a441c836684c1
SHA256

0836a25bbff242ed5773036fc5610d7fdc70af137abbc8fd04a350c201bb36e5
SHA512

f240378a00c377734ff6d662f0afb474fa1f8072a1cbfa7b0b51a00da519726a0ec06dffc3a4479fff481bcd12a08fd2ade23a85fed9d955c2df22b5bb2c7138
SSDEEP

1536:foudMnqRZ62uqZWd2mJNF+hyJbhxtikus0MpCGJA0w2:fou0qju726NFZJlOapnA0w

Score

N/A

Malware Config

Signatures

Files

0836a25bbff242ed5773036fc5610d7fdc70af137abbc8fd04a350c201bb36e5
.exe windows x86

7fe6037bf00b7e493363b07e57b782d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
HeapCreate
lstrcmpiA
lstrcmpiA
lstrcmpiA
lstrlenA
GetDriveTypeW
GetBinaryTypeW
SuspendThread
WaitForSingleObject
GetProcessHeap
IsValidCodePage
GetModuleFileNameA
CreateNamedPipeA
SetLastError
FileTimeToLocalFileTime
Sleep
CreateWaitableTimerW
GetStdHandle
GetModuleHandleA
lstrcmpiA
GetLogicalDriveStringsA
EndUpdateResourceW

printui

PnPInterface
PrinterPropPageProvider
bFolderRefresh
bPrinterSetup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ