f6d1c123e4bec6da00042e1bfc0a5a8bb2367531b5c61d8f0fecfdbfabbbd9a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6d1c123e4bec6da00042e1bfc0a5a8bb2367531b5c61d8f0fecfdbfabbbd9a4
Size

295KB
MD5

bea9a5702de89ff2c14d2a52c0da6f70
SHA1

20940e05563628b97f52005a7561cb817b11d0fd
SHA256

f6d1c123e4bec6da00042e1bfc0a5a8bb2367531b5c61d8f0fecfdbfabbbd9a4
SHA512

8f3380a0b8cdb3d6be2a6d8b6581e2ba85e3159208433370cb6cb922a218fb1365f7f8dab9b00012cbb7c48eb5d3fa0da2c0aac92f3faeef64bd538ce0817ac1
SSDEEP

6144:NYebvlzxwUbYWbwJ6KQ0mr4G/XptH/egudL9gnr0VNh5WSK:n/wUMW3KQjjfj//oL9gryh5c

Score

N/A

Malware Config

Signatures

Files

f6d1c123e4bec6da00042e1bfc0a5a8bb2367531b5c61d8f0fecfdbfabbbd9a4
.exe windows x86

45b9e7773209664fcade60d250320373

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeW
IsValidCodePage
GetStdHandle
GetModuleFileNameA
GetDriveTypeA
EndUpdateResourceW
lstrlenA
lstrcmpiA
lstrcmpiA
GetExitCodeProcess
lstrcmpiA
FileTimeToLocalFileTime
CreateNamedPipeA
lstrcmpiA
SetLastError
CreateWaitableTimerW
SuspendThread
HeapCreate
GetLogicalDrives
Sleep
GetModuleHandleA
GetProcessHeap
lstrcmpiA

printui

bPrinterSetup
ConstructPrinterFriendlyName
bFolderRefresh
PnPInterface

Sections

.text
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcrc
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 643B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE