bab694865023795300e65cb1bf4839de2b7c941be293f3e7f0e8405cf56b82f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bab694865023795300e65cb1bf4839de2b7c941be293f3e7f0e8405cf56b82f0
Size

56KB
MD5

12c3f87e6867cc7096446657bb3985c0
SHA1

f0bd695b4093a493a99c5532ddde5538ac0d2199
SHA256

bab694865023795300e65cb1bf4839de2b7c941be293f3e7f0e8405cf56b82f0
SHA512

aeb4a5a067856d39e299de5fc51af2859218f00b649a04393a2e7f33c35aa7c19007cc49d492ecedda0dc625db4220f7a9eaf470ab1d005050c540f65125ce16
SSDEEP

768:mzqmwg1Dl109IIE29jMDL/4oGIFXLDZPE80bn5lg4LXDYPIjVYcfJoX+iC0mDc:23n5IPHdSDZPExVf76qYcfJoX7LmD

Score

N/A

Malware Config

Signatures

Files

bab694865023795300e65cb1bf4839de2b7c941be293f3e7f0e8405cf56b82f0
.exe windows x86

68c3ae82a3c22220932e3ad902736f9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
lstrcmpiW
GetVolumePathNameW
SetLastError
lstrlenW
CreateNamedPipeW
GetModuleHandleA
lstrcmpiW
DeleteFileA
GetConsoleAliasW
GetLogicalDriveStringsW
lstrcmpiW
IsValidLocale
GetProcessHeap
HeapCreate
GetStdHandle
GetStartupInfoA
Sleep
GetModuleFileNameA
GetCommState
CreateMailslotW
lstrcmpiW
FileTimeToLocalFileTime

sqlunirl

_AppendMenu_@16
_CallMsgFilter_@8
wsprintf_
AbortSystemShutdown_

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ