49f26498161dfe6c211e1d9b8c12f1dc41233fb49a64e3249013a0ed057e3c24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49f26498161dfe6c211e1d9b8c12f1dc41233fb49a64e3249013a0ed057e3c24
Size

58KB
MD5

3ab1f84c0032c2f01c51c5e18e305c40
SHA1

8ddbec749c06e7d3f552d80eb81c251838b2aaf5
SHA256

49f26498161dfe6c211e1d9b8c12f1dc41233fb49a64e3249013a0ed057e3c24
SHA512

f719c19262aea9bcf0e3cda64945cc98582f6ac8c8d929c9f142cc349c22eb56b4890530d944fa1397274fe14143eb1b3807c7de9b7dfcbc0b6780fdcc15c25d
SSDEEP

1536:DwJ4g4MpVL9exFkRr8kkTI0fJ78o0ycuRzsFgjI1:DY4aF9eJkII0fJ7r0OdjI

Score

N/A

Malware Config

Signatures

Files

49f26498161dfe6c211e1d9b8c12f1dc41233fb49a64e3249013a0ed057e3c24
.exe windows x86

9d7259aa07232ba42d245b0cc1b73f09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLogicalDriveStringsA
lstrcmpiA
GetDriveTypeW
SuspendThread
lstrcmpiA
HeapCreate
GetStdHandle
lstrcmpiA
WaitForSingleObject
DeleteFileA
GetVolumePathNameA
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
IsValidLocale
GetProcessHeap
SetLastError
lstrlenA
Sleep
GetModuleFileNameA
CreateMailslotA
FileTimeToLocalFileTime

rastls

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rts
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ