2843d4afefa9e0726aabadeb065bc7c9543c5264422fbaacd6f6acbfc88f3446 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2843d4afefa9e0726aabadeb065bc7c9543c5264422fbaacd6f6acbfc88f3446
Size

818KB
MD5

0220eaabf1981db5bf3dfc547afb2775
SHA1

94b724fec5c6be04dd8723d534103d8220756a7e
SHA256

2843d4afefa9e0726aabadeb065bc7c9543c5264422fbaacd6f6acbfc88f3446
SHA512

675417b9f4cda02f3ac52c05e2b0c3431cae7419185f8b98b77c309c999d9b6374248e681a1e0e7faa0ea53d9e5db70c14c80eaacd1a8ee6722fad9248f10cfd
SSDEEP

24576:YorkHWgKfQ5qn9aSgZCq5Uqo96iCjyxfs0Y/PN:zYH1L5qn45+mpb

Score

N/A

Malware Config

Signatures

Files

2843d4afefa9e0726aabadeb065bc7c9543c5264422fbaacd6f6acbfc88f3446
.exe windows x86

0293f2f680afcdefd7995b2da46cabb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrcmpW
GetSystemTime
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetModuleHandleA
lstrcpynA
FindFirstVolumeA
VirtualProtect
GetFileType
GetPrivateProfileIntA
lstrcpynA
Heap32First
lstrcpynA
OpenMutexW
GetDiskFreeSpaceW
lstrcatA
VirtualFree
lstrcpynA
lstrcpynA
SetThreadPriority
GetCurrentDirectoryA
ReadConsoleA
lstrcpynA
WriteFile
GetCurrentThreadId
lstrcpynA
lstrcpynA

comuid

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ