b37d80da2cb3910a6f37101f3ca9da6adbfd0a29d8ecf12349c2c0f04c4816dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b37d80da2cb3910a6f37101f3ca9da6adbfd0a29d8ecf12349c2c0f04c4816dd
Size

310KB
MD5

4d471c40ee46092de0383c44cd0ab6fe
SHA1

3f59a7e025944f32fe912aedacf3e0b182b6db40
SHA256

b37d80da2cb3910a6f37101f3ca9da6adbfd0a29d8ecf12349c2c0f04c4816dd
SHA512

4c9d540f6aca53a9859b285b2f5e00c792335e6fc99f8a150bb113b390f6b1cc7b12ed4e08e83c1973d8b1583cf70277fde6e960cbff51443048f5e8ea19e58c
SSDEEP

6144:UQh6YRfzAaWUUuHzJIpZohJlroIzVrVeXcf33TqlyJnGDHuCb2n6nyzX:U30zALnmt6G1HLOc/3cyGHuu26c

Score

N/A

Malware Config

Signatures

Files

b37d80da2cb3910a6f37101f3ca9da6adbfd0a29d8ecf12349c2c0f04c4816dd
.exe windows x86

69054e0767c12715a44aa859eb8c466a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
lstrcmpA
GetFileAttributesA
GetLongPathNameA
Sleep
FindResourceW
WriteFileEx
GetDiskFreeSpaceW
InterlockedIncrement
LoadLibraryA
Sleep
WaitForSingleObject
lstrcpyW
InterlockedDecrement
VirtualAllocEx
GetDiskFreeSpaceW
GetExitCodeProcess
Sleep
CreateDirectoryA
GetPrivateProfileSectionA
ExitProcess
GetPrivateProfileIntA
SetEnvironmentVariableA

apphelp

ApphelpCheckExe
ApphelpCheckIME
AllowPermLayer
SdbCreateMsiTransformFile

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ