fdd4c63abe6781e10d0ee584556bc65f3a90607acb9ddad6553b859e2c38c5b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdd4c63abe6781e10d0ee584556bc65f3a90607acb9ddad6553b859e2c38c5b0
Size

310KB
MD5

fd6a3520712208e0d6062fadfcac1ef7
SHA1

060f61052f7cb709f3182bf98070f16fcadd686b
SHA256

fdd4c63abe6781e10d0ee584556bc65f3a90607acb9ddad6553b859e2c38c5b0
SHA512

c23ec5608fe5889a6244959436ec4ad62299250006d480922cf2069d0ed8cfc0f1934d9d9f9215fed53cf0b66f7a14bcaab53c2bfdc9bd804ab2e8d51bb4a035
SSDEEP

6144:CFTRWWRlpPARaOPu849OGogvBXY3w4gVFIvTAEE3mLex:CTZHpPWadtZX/46SvE82

Score

N/A

Malware Config

Signatures

Files

fdd4c63abe6781e10d0ee584556bc65f3a90607acb9ddad6553b859e2c38c5b0
.exe windows x86

f3e3bf289adf6812667dd9fb36d8ba63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
GetPrivateProfileIntA
LoadLibraryA
GetFileAttributesA
SetEnvironmentVariableA
GetPrivateProfileIntA
WriteFileEx
GetLongPathNameA
ExitProcess
VirtualAllocEx
GetPrivateProfileSectionA
InterlockedDecrement
Sleep
GetDiskFreeSpaceW
Sleep
lstrcmpA
InterlockedIncrement
FindResourceW
GetModuleHandleW
WaitForSingleObject
lstrcpyW
Sleep
GetExitCodeProcess

apphelp

AllowPermLayer
ApphelpCheckExe
ApphelpCheckIME
SdbCreateMsiTransformFile

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ