4c567ad71f223f3a254da8b67d293114ec57bf368454f56948596270179ccdf6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c567ad71f223f3a254da8b67d293114ec57bf368454f56948596270179ccdf6
Size

55KB
MD5

0923258995cbad20445db019282f9c70
SHA1

e9d01fc9cb51469c6cb08f77e726169a389fc903
SHA256

4c567ad71f223f3a254da8b67d293114ec57bf368454f56948596270179ccdf6
SHA512

b7f0f18eb888df6cf9b10b5b36d39a11ce2e6a6924ad1650b2944d69973a96c208d1d83728bd0ed082ed488e567da34537575a935f759eefcaf82a7c961c11f2
SSDEEP

1536:9H26u0vr6eDUhzHQqaU7D6i2OA8JfmGnkR2wZsZj:9Hwm6eQ9wvU72C/jkcw

Score

N/A

Malware Config

Signatures

Files

4c567ad71f223f3a254da8b67d293114ec57bf368454f56948596270179ccdf6
.exe windows x86

0a0a5d179789556e9a998c3f74037f53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameW
OpenMutexA
lstrcmpiW
CreateMailslotW
lstrcmpiW
GetModuleFileNameA
GetLogicalDriveStringsW
GetDriveTypeW
lstrcmpiW
DeleteFileA
Sleep
GetProcessHeap
GetStdHandle
WaitForMultipleObjects
lstrcmpiW
lstrcmpiW
FileTimeToLocalFileTime
IsValidLocale
HeapCreate
CreateNamedPipeW
lstrlenA
SetLastError
GetModuleHandleA

scecli

InitializeChangeNotify
DeltaNotify
SceSysPrep
SceOpenPolicy

Sections

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ