9a5887e25b5122ba4d92a6bd55a60a8e42ec5b0d78102dea5df8abd63f810919 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a5887e25b5122ba4d92a6bd55a60a8e42ec5b0d78102dea5df8abd63f810919
Size

822KB
MD5

90473e27c41b07b3ef92a611548cd4df
SHA1

75049d98bb3e2ca94da23b21ea2ecaa000657909
SHA256

9a5887e25b5122ba4d92a6bd55a60a8e42ec5b0d78102dea5df8abd63f810919
SHA512

bb814507fb5df9967f2049ba08f734b576012bbee121b20b9cae21196b87341b37c2950485ac6ce185ecf3d55d4d8b38614609d14928b393b21b0b315d452b0c
SSDEEP

24576:zh2E3RPr1wgxtXPCpE9TuRrYs2qUNAumqvOTXXt:12KPr7xFqpEKssy2Tt

Score

N/A

Malware Config

Signatures

Files

9a5887e25b5122ba4d92a6bd55a60a8e42ec5b0d78102dea5df8abd63f810919
.exe windows x86

ea73f8590b33837cc5f8852994edede7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapFree
GetSystemTime
WriteFile
GetPrivateProfileIntW
CompareStringW
GetEnvironmentVariableW
ReadConsoleW
VirtualProtectEx
CreateMailslotW
GetFileType
GetCurrentDirectoryA
GetTimeFormatA
lstrcmpW
GetModuleHandleA
lstrcatA
GetVolumeInformationA
GetDiskFreeSpaceW
GetLastError
GetProcessHeap

dmdskmgr

DllGetClassObject
DllRegisterServer
?namecmp@@YGHPBG0@Z
DllCanUnloadNow

Sections

.text
Size: 20KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 798KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ