25f9921e0c85f01c624f0aa548f8f7a96fe48ddbe39ac19a06a54e372b55341e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25f9921e0c85f01c624f0aa548f8f7a96fe48ddbe39ac19a06a54e372b55341e
Size

61KB
MD5

fc926dd5c84c69ba5ff94d69b197c99f
SHA1

38e5d007f86089f6c4ebcacd250975b81047838a
SHA256

25f9921e0c85f01c624f0aa548f8f7a96fe48ddbe39ac19a06a54e372b55341e
SHA512

0f2a2fded6960d8aa18edfe47d0b433596d96ad78b86b9a89e5b092b64d0fe85fd764b7740b38c4fdfeac180c3f8a261b404482d18a2651db50b23f60177d31c
SSDEEP

1536:WqYw18RmhyAF77R+tDHBnT6QsFVWVTvdai68/M:WZR0+HBWQmWVTYa

Score

N/A

Malware Config

Signatures

Files

25f9921e0c85f01c624f0aa548f8f7a96fe48ddbe39ac19a06a54e372b55341e
.exe windows x86

b5de59b16dbb5a4ee57ef99d4d04f6a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetConsoleAliasW
lstrcpyW
lstrcpyW
lstrlenW
IsValidLocale
GetStdHandle
GetProcessHeap
GetMailslotInfo
GetVolumePathNameW
GetModuleFileNameA
VirtualAllocEx
FileTimeToLocalFileTime
GetLocaleInfoA
GetLogicalDriveStringsW
lstrcpyW
lstrcpyW
SetLastError
GetStartupInfoA
LoadLibraryA
CreateEventA
lstrcpyW
GetCommState

termmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ADATA
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE