38f9674387e4d279165f7394859b8d3892a74e8dea7e69d11c90ed7bc99a89f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38f9674387e4d279165f7394859b8d3892a74e8dea7e69d11c90ed7bc99a89f4
Size

69KB
MD5

543d65e7e329f6588be2351f5fc72823
SHA1

f4155cf62b8317fc6d82be1078df3fc490fdbe0f
SHA256

38f9674387e4d279165f7394859b8d3892a74e8dea7e69d11c90ed7bc99a89f4
SHA512

2ff6c992bddce03ee089c5cfd7a016932e9a715deb42858772651e5bfc4a355952912f8d27e530ae0fa935e83d35991c32c82575cae286c345f2d813e164822b
SSDEEP

1536:yjBppx0kCaxsA6epRZTRV7fftwBjGsQ07b:yvpx0Ne3/VJwx/

Score

N/A

Malware Config

Signatures

Files

38f9674387e4d279165f7394859b8d3892a74e8dea7e69d11c90ed7bc99a89f4
.exe windows x86

6b7ea4faf5c79897537c5001b3aa1086

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
SetEnvironmentVariableA
WaitForSingleObject
InterlockedIncrement
GetPrivateProfileSectionA
ExitProcess
GetDiskFreeSpaceW
GetPrivateProfileIntA
GetModuleHandleW
WriteFileEx
GetLongPathNameA
GetStringTypeW
GetPrivateProfileIntA
Heap32First
lstrcpyW
GetDiskFreeSpaceW
GetCurrentDirectoryA
GetExitCodeProcess
lstrcmpA
GetACP
VirtualAllocEx
LoadLibraryA
InterlockedDecrement

apphelp

SdbCreateMsiTransformFile
ApphelpCheckExe
ApphelpCheckIME
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE