92e11482413eafb7d688c37c4559a71c4bb3432173cfe57523ba896182741413 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92e11482413eafb7d688c37c4559a71c4bb3432173cfe57523ba896182741413
Size

420KB
MD5

cd381eb48d0fded914c0df0647215716
SHA1

002e647e3ab163233e40ce686259f0dd230fd822
SHA256

92e11482413eafb7d688c37c4559a71c4bb3432173cfe57523ba896182741413
SHA512

2e3cae0ea0d88863d8788f546d4397f19b4adc315ddd881cfbf697b2f8c600a1ff5a883ce0bdae2792f799b437d20e246dea4789796b321c8cf020d7afff98cd
SSDEEP

6144:0BujHHSyBsfxNfIY4CKCIooK59pzTrxSiEC5syAClMgUf0ti:0BsHyQYv5ZcA5v3RsXCmLf0

Score

N/A

Malware Config

Signatures

Files

92e11482413eafb7d688c37c4559a71c4bb3432173cfe57523ba896182741413
.dll windows x86

9fe8ad4136c704ba730ca7849fb2c993

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
HeapReAlloc
HeapDestroy
OpenEventW
FindResourceExW
FindResourceW
SetLastError
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryW
LoadLibraryA

rpcrt4

RpcStringBindingParseW
RpcBindingVectorFree
RpcBindingToStringBindingW
RpcEpUnregister
RpcEpRegisterW
RpcServerListen
RpcServerRegisterIfEx
RpcServerRegisterAuthInfoW
RpcServerInqDefaultPrincNameW
RpcImpersonateClient
UuidCreate
UuidToStringW
RpcMgmtStopServerListening
RpcAsyncAbortCall

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ