98f0b3a20a0738694bc107a45cc5c55a0d07baf664dbceaeceb253e3b2afa4bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98f0b3a20a0738694bc107a45cc5c55a0d07baf664dbceaeceb253e3b2afa4bd
Size

808KB
MD5

5dc3ae1886ac7dac90ec73a1abc7b04d
SHA1

62f33375de584040d86c164bf040ae62d7479a4a
SHA256

98f0b3a20a0738694bc107a45cc5c55a0d07baf664dbceaeceb253e3b2afa4bd
SHA512

9ba625a408cc9f298303e18b28a3e75bb5e91b51b436bb12ebfb5374073812b6a4203e8d2b24795555d3132f0f5fcab8a32436ff71db27634bf08061415a7785
SSDEEP

24576:pAf7xAK7aT2Yt5KHhOPMKeOjRs95+RU2huCsXp:iT+K7aT2Yt5KHhO85W5uC6p

Score

N/A

Malware Config

Signatures

Files

98f0b3a20a0738694bc107a45cc5c55a0d07baf664dbceaeceb253e3b2afa4bd
.exe windows x86

ba0ba823ac7bb11ac04ce4e82d319305

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
IsValidLocale
GetProcessHeap
lstrcpyW
SetLastError
CreateEventA
VirtualAllocEx
lstrcpyW
lstrlenW
FileTimeToLocalFileTime
GetLogicalDriveStringsW
DeleteFileA
GetStdHandle
GetModuleFileNameA
GetLocaleInfoA
GetConsoleAliasW
lstrcpyW
GetStartupInfoA
GetVolumePathNameW
GetMailslotInfo
LoadLibraryA
lstrcpyW
GetCommState

tapi3

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 799KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE