c12a6076e44b6fc9417f583820c68319ead40ea38682ba3b3b5a98e7d968f751 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c12a6076e44b6fc9417f583820c68319ead40ea38682ba3b3b5a98e7d968f751
Size

58KB
MD5

00a4162d958c7eb6e4c9a8235e012400
SHA1

48bb9df07109b32dc6ac08788b4fe9b7c1fe09f2
SHA256

c12a6076e44b6fc9417f583820c68319ead40ea38682ba3b3b5a98e7d968f751
SHA512

7b030c1240cfc1662c144d9709ed35d00506130e547789539d44b99a3b09a4e00e512027532ada2753c6983b08926740578b961ab024457ba13d3ec385069604
SSDEEP

1536:CiOl2ODZdQBXZJ/4WuUnwxJbR8UeMyDOPOHy6:Cif8P4vZulxJtx3y

Score

N/A

Malware Config

Signatures

Files

c12a6076e44b6fc9417f583820c68319ead40ea38682ba3b3b5a98e7d968f751
.exe windows x86

75b8af5fc7ee611333d9ee4b531a77bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
WaitForSingleObject
lstrcmpiA
DeleteFileA
FileTimeToLocalFileTime
SetLastError
Sleep
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
HeapCreate
SuspendThread
lstrcmpiA
CreateMailslotA
lstrcmpiA
GetProcessHeap
lstrlenA
lstrcmpiA
GetDriveTypeW
GetVolumePathNameA
GetLogicalDriveStringsA
IsValidLocale
CreateNamedPipeA

rastls

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ