c3fa5281d24e04a48f90ebe91404eb368014fbb1099a86b2bb66ee74d79efca2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3fa5281d24e04a48f90ebe91404eb368014fbb1099a86b2bb66ee74d79efca2
Size

297KB
MD5

0cd7925e2d93576bc26fb3a4b1d79640
SHA1

b1e6111d5a29ff239bb2ccadb1c07c01c53a84ef
SHA256

c3fa5281d24e04a48f90ebe91404eb368014fbb1099a86b2bb66ee74d79efca2
SHA512

33f42c456322f1233a3df101a114822689eba508b9ba0f18666cc2d731706dda4d49a1271675485c6892ee5e923d8d9910765b52cec80b2a9fd47d5c6ff12f19
SSDEEP

6144:6Z/uRdCsVD5JwTx5L1YnpxD/SDYbCPLenQdf4dKCaqRFdey0e:6udRd5JcRipxD/S0ALenQWdnaqRfeyF

Score

N/A

Malware Config

Signatures

Files

c3fa5281d24e04a48f90ebe91404eb368014fbb1099a86b2bb66ee74d79efca2
.exe windows x86

be0c17a466f17ef44f29ba7547561544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetStdHandle
WaitForSingleObject
GetVolumePathNameA
lstrcmpiA
SuspendThread
GetModuleHandleA
DeleteFileA
IsValidCodePage
GetProcessHeap
lstrcmpiA
HeapCreate
GetDriveTypeW
lstrcmpiA
SetLastError
CreateNamedPipeA
FileTimeToLocalFileTime
CreateMailslotA
GetLogicalDriveStringsA
lstrcmpiA
lstrcmpiA
GetModuleFileNameA
Sleep

rastls

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ