4d63a7e7af3b5c16254d7a84cdcc809f630724bf9ef1a37f27f8b6bc22e83d14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d63a7e7af3b5c16254d7a84cdcc809f630724bf9ef1a37f27f8b6bc22e83d14
Size

304KB
MD5

95bf038a9bb46130a51446308e90e0d8
SHA1

40937baa0dd59c0fbaae47c8ec15f68593c44561
SHA256

4d63a7e7af3b5c16254d7a84cdcc809f630724bf9ef1a37f27f8b6bc22e83d14
SHA512

50823a8be39fff40b771875f9e6fe495e7ec7aa0d1635b14af222baddeb79ccbc86bc4d8f57f1d0dc52004d1099e0a3e7de06393e15bba5522d8121950a4b891
SSDEEP

6144:H8qtgxinsnvadZpNer0k1iM08SRhjAY2kqqIqT64+Jg8sOMBUM+FrGLd5U:H8qtgxiQvadZb60YiMK7Snrq7+S8hBrv

Score

N/A

Malware Config

Signatures

Files

4d63a7e7af3b5c16254d7a84cdcc809f630724bf9ef1a37f27f8b6bc22e83d14
.exe windows x86

818a3bb75936d1b0326467e999dc671e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetPrivateProfileSectionA
WaitForSingleObject
LoadLibraryA
Sleep
Sleep
LoadLibraryExA
GetLongPathNameW
Sleep
lstrcpyW
CreateDirectoryA
GetDiskFreeSpaceW
InterlockedDecrement
SetEnvironmentVariableA
InterlockedIncrement
GetExitCodeProcess
FindResourceW
GetFileAttributesA
WriteFileEx
HeapCreate
GetPrivateProfileIntA
lstrcmpA
GetDiskFreeSpaceW

apphelp

AllowPermLayer
SdbDeletePermLayerKeys
ApphelpCheckIME
ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ