d952c87b40e8dda260ae122bc4ce2d438a660850cca49b528918625133b256bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d952c87b40e8dda260ae122bc4ce2d438a660850cca49b528918625133b256bf
Size

301KB
MD5

31d545a3e0ed896459abc3f6f875ba10
SHA1

484030abab15db4fa94214409e612b30da63bc97
SHA256

d952c87b40e8dda260ae122bc4ce2d438a660850cca49b528918625133b256bf
SHA512

4e8c3567372c897d335c4de11ceea556bf4b40ac8942a6072a35c6fdf43dce02b9b2ff35b93e56fb3a3f45ee6f22b0f52c7058108db662da6d8cf4a6c567e430
SSDEEP

6144:0uRzEz+SnxwcjA7c4CR0L1nm3h5k3S9vXogq/yzbm2:n6+SxwcjA20L1nXsvXIuS2

Score

N/A

Malware Config

Signatures

Files

d952c87b40e8dda260ae122bc4ce2d438a660850cca49b528918625133b256bf
.exe windows x86

48fc5a87890921c990a00eb0dc60bef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcmpiW
lstrcmpiW
CreateNamedPipeW
OpenMutexA
GetProcessHeap
DeleteFileA
lstrcmpiW
Sleep
GetVolumePathNameW
GetModuleHandleA
SetLastError
GetLogicalDriveStringsW
FileTimeToLocalFileTime
GetDriveTypeW
GetModuleFileNameA
GetStdHandle
CreateMailslotW
HeapCreate
lstrcmpiW
lstrcmpiW
IsValidLocale
WaitForMultipleObjects

scecli

SceSysPrep
InitializeChangeNotify
DeltaNotify
SceOpenPolicy

Sections

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ