b9f7843568cdbbe372fcee9017abc463d7fef76b3615146ce48221169b3faaca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9f7843568cdbbe372fcee9017abc463d7fef76b3615146ce48221169b3faaca
Size

263KB
MD5

132c5e60c1c58216930c5b091963f380
SHA1

6cae79d8d53078583bf91d448538e27f703d0c55
SHA256

b9f7843568cdbbe372fcee9017abc463d7fef76b3615146ce48221169b3faaca
SHA512

f8632582187bdad25d8d4de81681eb3b9132f191b31fe1eb27941ab28f997ac4c4d31b83dfc359787cf6f0823cf564910f33fd50dd6c8c443a95994d229f1cfc
SSDEEP

6144:OL45zcKqbV0uP4fmVwP0vIUdJc+t/Ekz6B8ABp:o45zH4VQmVJZJdEkz69Bp

Score

N/A

Malware Config

Signatures

Files

b9f7843568cdbbe372fcee9017abc463d7fef76b3615146ce48221169b3faaca
.exe windows x86

fb1b084514f030c75d16f57b3b50bf19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetPrivateProfileIntA
VirtualAllocEx
GetPrivateProfileSectionA
Heap32First
WaitForSingleObject
GetACP
GetDiskFreeSpaceW
InterlockedIncrement
GetLongPathNameA
GetDiskFreeSpaceW
GetExitCodeProcess
SetEnvironmentVariableA
Sleep
ExitProcess
WriteFileEx
InterlockedDecrement
GetPrivateProfileIntA
lstrcpyW
FindResourceW
lstrcmpA
GetModuleHandleW
LoadLibraryA

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ