b8005aadc3129373d718dc81c2dce099dd74c8bfc4c1a9315862f57e2af432da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8005aadc3129373d718dc81c2dce099dd74c8bfc4c1a9315862f57e2af432da
Size

58KB
MD5

11b607838b8f12e8189f531408c480e0
SHA1

cf2efab9809b8ae500119ee9ffe25d3106944d76
SHA256

b8005aadc3129373d718dc81c2dce099dd74c8bfc4c1a9315862f57e2af432da
SHA512

e78cdb9a99d40d60b29c1fba1bee058a0fb387d5cbf056a91ecf1736d1e221fb288184f3319635c600723be886b6ab20cc1a746e2efaeeb123018756f3328e56
SSDEEP

1536:edTrxyTZp6Sbuqf661ye6TBiuld2GHEZD:eZVyaE/ye6TNlPH

Score

N/A

Malware Config

Signatures

Files

b8005aadc3129373d718dc81c2dce099dd74c8bfc4c1a9315862f57e2af432da
.exe windows x86

9208ace4cdc9ab2732ac1d5c9b5c3691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
DeleteFileA
lstrlenA
CreateMailslotA
GetModuleHandleA
lstrcmpiA
GetVolumePathNameW
CreateNamedPipeW
GetStdHandle
lstrcmpiA
GetProcessHeap
OpenMutexA
IsValidLocale
lstrcmpiA
HeapCreate
FileTimeToLocalFileTime
GetLogicalDriveStringsW
lstrcmpiA
SetLastError
lstrcmpiA
Sleep
GetModuleFileNameA
WaitForMultipleObjects

scecli

InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy

Sections

.text
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ