4ced56d9e165c3b59ace856ebfd14f505923f3437947718e14beffa714da0a87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ced56d9e165c3b59ace856ebfd14f505923f3437947718e14beffa714da0a87
Size

818KB
MD5

8961a60be836474604dbc58333834b3a
SHA1

ba676daa060e54b558e186c2ad171c78b91263c3
SHA256

4ced56d9e165c3b59ace856ebfd14f505923f3437947718e14beffa714da0a87
SHA512

ea2077b808546e082967e263b12c0e704e1b39cbc5620ec8a5fec655278591868f586fc66b26b9588c5709a3834fbcab65d53a27a4ab84e1902ad7fe81147e01
SSDEEP

12288:T1kG7XVQFP27ynaXw8t9Clf72ozHLDEXjj6VL/Nc5FzrqckZXRLEuniLQCm:ZkEIP27yavtSDwsNu12ckrCLQC

Score

N/A

Malware Config

Signatures

Files

4ced56d9e165c3b59ace856ebfd14f505923f3437947718e14beffa714da0a87
.exe windows x86

5c4e38ba83662ae118c819f1adfb0b2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
lstrcmpW
SetThreadPriority
lstrcpynA
VirtualProtect
lstrcpynA
Heap32First
GetModuleHandleA
GetDiskFreeSpaceW
GetVolumeInformationA
lstrcpynA
lstrcpynA
lstrcpynA
lstrcpynA
VirtualFree
lstrcpynA
lstrcpynA
FindFirstVolumeA
WriteFile
OpenMutexW
GetCurrentThreadId
ReadConsoleA
GetCurrentDirectoryA
lstrcatA
GetPrivateProfileIntA
GetSystemTime
lstrcpynA
GetFileType
lstrcpynA

comuid

DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ