368d06a322b8c689ff3e9e5a6f2e25a8dd7b5bead182af06701e993c906a660e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

368d06a322b8c689ff3e9e5a6f2e25a8dd7b5bead182af06701e993c906a660e
Size

309KB
MD5

a32a920f593e324dec96ab13ec44f277
SHA1

e9c65f6090e62f9d078bd915a0e3b4ff0dd6af1c
SHA256

368d06a322b8c689ff3e9e5a6f2e25a8dd7b5bead182af06701e993c906a660e
SHA512

ee81b35c46606ffd4b893ac91d97a4ca2395fb4f65ca7817cb6de3529eb7a7a1c393a507432eba0d3a96055fbf0534bfd3db0ffd92b5b324d6799abb95626765
SSDEEP

6144:VxKZVIjLr0L1+BupaHjGi/xQFgGWCKvh4fSAQ8Qho:GYjP0L1+BFGiJQOPTynWy

Score

N/A

Malware Config

Signatures

Files

368d06a322b8c689ff3e9e5a6f2e25a8dd7b5bead182af06701e993c906a660e
.exe windows x86

695d2a98d47e593aacc90419c5b2ea06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
WaitForSingleObject
InterlockedIncrement
GetACP
VirtualAllocEx
GetStringTypeW
SetEnvironmentVariableA
lstrcpyW
LoadLibraryA
InterlockedDecrement
GetDiskFreeSpaceW
lstrcmpA
GetPrivateProfileIntA
GetExitCodeProcess
GetLongPathNameA
FindResourceW
ExitProcess
WriteFileEx
GetCurrentDirectoryA
GetModuleHandleW
GetPrivateProfileSectionA
GetPrivateProfileIntA
Heap32First

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckExe
ApphelpCheckIME

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE