f1e09b7674caef1ab5cbb180e368dd56efdc0c68bbf514dad12ffb64700de70f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1e09b7674caef1ab5cbb180e368dd56efdc0c68bbf514dad12ffb64700de70f
Size

806KB
MD5

54efb478587dd7bfb7300201ed953670
SHA1

0453907508c9a3710e0cb4588cb1b4e7ab0fff7f
SHA256

f1e09b7674caef1ab5cbb180e368dd56efdc0c68bbf514dad12ffb64700de70f
SHA512

4dd2fe659af39078865956764c867d1caa485c8d0d5412b8b59325aa30ddc3ce1c56a9a08591270f552f1ba9d2febd382fd0a80dca9d80a66f741ec580b0fd7a
SSDEEP

12288:PBZNBM2LANnGFr/WrYf9sTllIwwX7qIWth2BhThW7QgKUSRr7+Ta:PfN5AFQr/rGBlIDm57ctZgKTF7

Score

N/A

Malware Config

Signatures

Files

f1e09b7674caef1ab5cbb180e368dd56efdc0c68bbf514dad12ffb64700de70f
.exe windows x86

24260f6dbb25883b68c82b12cae671c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
VirtualAllocEx
CreateEventA
IsValidLocale
lstrcpyW
GetModuleFileNameA
FileTimeToLocalFileTime
lstrcpyW
SetCurrentDirectoryA
GetVolumePathNameW
lstrlenW
lstrcpyW
lstrcpyW
GetStartupInfoW
GetStdHandle
SetConsoleTitleA
GetModuleHandleA
GetLocaleInfoA
SetLastError
GetCommState
DeleteFileA
GetMailslotInfo
lstrcpyW

termmgr

DllCanUnloadNow
DllUnregisterServer
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 801KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ