0fb952cb428f5acec308879b7de57231a60ba31989e1641f5a8a111099c78839 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fb952cb428f5acec308879b7de57231a60ba31989e1641f5a8a111099c78839
Size

128KB
MD5

4ed8e79dc9d95cbfb4d82afdf0321ff0
SHA1

382948ffb33a3f6cc4fb6dcd0995cd4e236c1fdc
SHA256

0fb952cb428f5acec308879b7de57231a60ba31989e1641f5a8a111099c78839
SHA512

c2af93f7fdd537e6691a496830821a5be5c683deed0f51e7193e14daf853a3968e9c2a492245cd5fe330e85123801d8b222c65646f9d3eeb50a542be3ed86274
SSDEEP

3072:cercpxfGdPueNWgdMmDROeMrfvG+MBL+9TSN1F:ce4pgvNBdHDUJrfvPMBL0+XF

Score

N/A

Malware Config

Signatures

Files

0fb952cb428f5acec308879b7de57231a60ba31989e1641f5a8a111099c78839
.exe windows x86

a674fb96ea3e564282a292626910f7db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFileEx
Sleep
CreateDirectoryA
Sleep
Sleep
HeapCreate
InterlockedDecrement
GetFileAttributesA
FindResourceW
GetPrivateProfileIntA
GetLongPathNameW
SetEnvironmentVariableA
LoadLibraryA
GetDiskFreeSpaceW
GetPrivateProfileSectionA
lstrcmpA
InterlockedIncrement
GetExitCodeProcess
lstrcpyW
LoadLibraryExA
WaitForSingleObject
GetPrivateProfileIntA
GetDiskFreeSpaceW

apphelp

ApphelpCheckIME
AllowPermLayer
SdbDeletePermLayerKeys
ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ