28dddd06df766e807c8045b6faa41efdffc5d797c2fe5ed97f9a3bf42ec39cb4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28dddd06df766e807c8045b6faa41efdffc5d797c2fe5ed97f9a3bf42ec39cb4
Size

310KB
MD5

3bcfb99553a481b85fc7ff37554b6fa0
SHA1

fb80096a231a1a7978a6049c222797d91d7cc6a3
SHA256

28dddd06df766e807c8045b6faa41efdffc5d797c2fe5ed97f9a3bf42ec39cb4
SHA512

40162a1db7e254c0c68cf811fb044a9380efda836e64fae0842972ecb8404ed94fcb32f70aaffa91ed4c523257f395d170e1e6e4305026c58e727f24a4e95ac0
SSDEEP

6144:oF4lf/oJ4WX5c9JgEw/m7wvNvvWpk8fsfSVGcQEcxyCQ7nPdC1:oF4lXoJ4WXcZwFvUk8fsaTQPQDU

Score

N/A

Malware Config

Signatures

Files

28dddd06df766e807c8045b6faa41efdffc5d797c2fe5ed97f9a3bf42ec39cb4
.exe windows x86

8f605758b2dc883e50a805891df9252f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
SetEnvironmentVariableA
WaitForSingleObject
WriteFileEx
InterlockedDecrement
FindResourceW
GetPrivateProfileIntA
GetDiskFreeSpaceW
VirtualAllocEx
GetDiskFreeSpaceW
Heap32First
GetACP
GetExitCodeProcess
GetPrivateProfileIntA
Sleep
ExitProcess
GetLongPathNameA
GetPrivateProfileSectionA
InterlockedIncrement
lstrcpyW
LoadLibraryA
GetModuleHandleW
Sleep

apphelp

ApphelpCheckExe
SdbCreateMsiTransformFile
AllowPermLayer
ApphelpCheckIME

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ