4f885030b604b7542255620c92f6449ab8a8dfc0c3c5a476a6809eaa8673df00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f885030b604b7542255620c92f6449ab8a8dfc0c3c5a476a6809eaa8673df00
Size

58KB
MD5

1cb92180d7a9bc04758b82d3c68d6ff0
SHA1

66b1d72653a7a3c5578eb26e7e38dd2847de769d
SHA256

4f885030b604b7542255620c92f6449ab8a8dfc0c3c5a476a6809eaa8673df00
SHA512

49ac9866f0ba31079cc03e9ba1482d12b70b7dc649f91e2901c49bbab00861f189f550de715e9388e85c9c3ea6b85eaeb8a16fbef4d99a3af2cb32ab0ad92a94
SSDEEP

1536:a1Dq/BpWXJuqn2Eo+7+nfR9b6/D1VKlZBK5v0dlIC:a1Dq3o7EvIVWZBKZiI

Score

N/A

Malware Config

Signatures

Files

4f885030b604b7542255620c92f6449ab8a8dfc0c3c5a476a6809eaa8673df00
.exe windows x86

449a6a5b26b857dfc38b44f672baabd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetModuleHandleA
CreateNamedPipeA
CreateMailslotA
DeleteFileA
lstrlenA
IsValidLocale
lstrcmpiA
HeapCreate
GetModuleFileNameA
GetVolumePathNameA
GetDriveTypeW
SetLastError
WaitForMultipleObjects
GetLogicalDriveStringsA
FileTimeToLocalFileTime
OpenMutexA
GetProcessHeap
lstrcmpiA
Sleep
lstrcmpiA
GetStdHandle
lstrcmpiA

scecli

SceOpenPolicy
DeltaNotify
InitializeChangeNotify
SceSysPrep

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ