7d27bd10925491b23df4ce1c1d7a009ce980253acc328a39b3163020431792e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d27bd10925491b23df4ce1c1d7a009ce980253acc328a39b3163020431792e9
Size

309KB
MD5

b6b07bd5ee27549e86e89eaf53efae24
SHA1

616b236f9cf941badd36dda03f0553fbc4d4551b
SHA256

7d27bd10925491b23df4ce1c1d7a009ce980253acc328a39b3163020431792e9
SHA512

e8f7117a79419cbfcbc84cfb06f107c3469c8296aa6325bfb3225f336d7e86098d7cad5ed7f92068681786c81c2f7d320f0adeb74451042e4db6ad59546c8217
SSDEEP

6144:AxB6461WiDVQ0DlZPi8Mp6m5J+yYnqlLCfscChhAQIcpBbk:EB6461rVND7i0m3pCfBg3w

Score

N/A

Malware Config

Signatures

Files

7d27bd10925491b23df4ce1c1d7a009ce980253acc328a39b3163020431792e9
.exe windows x86

98c42c270b938e3f967936b813739fe5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetExitCodeProcess
GetPrivateProfileIntA
GetACP
VirtualAllocEx
lstrcmpA
InterlockedDecrement
FindResourceW
WaitForSingleObject
GetDiskFreeSpaceW
LoadLibraryA
GetModuleHandleW
GetCurrentDirectoryA
GetPrivateProfileIntA
ExitProcess
Heap32First
SetEnvironmentVariableA
GetPrivateProfileSectionA
GetDiskFreeSpaceW
GetStringTypeW
WriteFileEx
InterlockedIncrement
GetLongPathNameA

apphelp

ApphelpCheckIME
SdbCreateMsiTransformFile
ApphelpCheckExe
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE