d1452d639216a952897641a2f2d223e2f93796ad12e42213e0caa4a9b26eae9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1452d639216a952897641a2f2d223e2f93796ad12e42213e0caa4a9b26eae9b
Size

300KB
MD5

54edbd6f85f24e8abd65f189a3cba4c0
SHA1

63fba6815aa51fc9bb62aab49d15589181493fbe
SHA256

d1452d639216a952897641a2f2d223e2f93796ad12e42213e0caa4a9b26eae9b
SHA512

e80ade8cbf52a81f4d124e734494c1f12bb5cda9f46fba15c6bd4f4d4832323e9345e449ef143f54018018bbc3bdd180c7c072ecf1ed76dceedc5897b504f945
SSDEEP

6144:U9+IhFwMaU7pEBl21LEMaQ5wKHm7+4/rYtTP4kNIZjJXoUCDcDueSCto:Ugs7N7pEBczaQZm7Fsd4kWVdoUGcieHO

Score

N/A

Malware Config

Signatures

Files

d1452d639216a952897641a2f2d223e2f93796ad12e42213e0caa4a9b26eae9b
.exe windows x86

32fd5581072f02f900eb273d90cfbf85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetModuleHandleA
GetLocaleInfoA
SetConsoleTitleA
FileTimeToLocalFileTime
VirtualAllocEx
GetVolumePathNameW
GetStartupInfoW
lstrcpyW
GetCommState
DeleteFileA
CreateEventA
GetModuleFileNameA
SetLastError
lstrcpyW
IsValidLocale
lstrlenW
lstrcpyW
SetCurrentDirectoryA
GetStdHandle
GetMailslotInfo
GetProcessHeap
lstrcpyW

termmgr

DllUnregisterServer
DllCanUnloadNow
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ