bfa4322d304d11c6428f2a0b88fb2390d336e8c8a353641b4b270e52701be2ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfa4322d304d11c6428f2a0b88fb2390d336e8c8a353641b4b270e52701be2ed
Size

300KB
MD5

02bbc4ff46b8dd5a97e7bc1f777c2c10
SHA1

b0d6d358741bec98887a3e895aa7e07d1575b95a
SHA256

bfa4322d304d11c6428f2a0b88fb2390d336e8c8a353641b4b270e52701be2ed
SHA512

9dd9a2a1f3dd160385f081b46129af14f111ade6773a5d44065f87556d4ea17d640559cdb3c61e856871263217f6ca06d1a43d6894de3054eba0bea00b4130eb
SSDEEP

6144:omuR1clr2kqzumfGCWmrj7nvLwvmvMzzDkbYclLLY6W:o16MN/fNLjwOkz/kztM6W

Score

N/A

Malware Config

Signatures

Files

bfa4322d304d11c6428f2a0b88fb2390d336e8c8a353641b4b270e52701be2ed
.exe windows x86

c97e40c6c4377a1a7d24e3ec1985e72a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
lstrcmpiA
lstrcmpiA
WaitForSingleObject
CreateMailslotA
lstrcmpiA
FileTimeToLocalFileTime
GetDriveTypeW
GetProcessHeap
DeleteFileA
CreateNamedPipeA
lstrlenA
GetStdHandle
lstrcmpiA
IsValidLocale
SuspendThread
GetLogicalDriveStringsA
GetVolumePathNameA
SetLastError
GetModuleHandleA
lstrcmpiA
HeapCreate
GetModuleFileNameA

scecli

InitializeChangeNotify
DeltaNotify
SceOpenPolicy
SceSysPrep

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ