ef10eee101858faa038368eb25bc437f055db1b4c4d5952eed5bc9ca496f6e03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef10eee101858faa038368eb25bc437f055db1b4c4d5952eed5bc9ca496f6e03
Size

309KB
MD5

a551d651db55125041249b84a8389520
SHA1

e12704c441e1f77a346078bcbd468f7ab08beebe
SHA256

ef10eee101858faa038368eb25bc437f055db1b4c4d5952eed5bc9ca496f6e03
SHA512

4dcaae2be27444abd985926e61111538ac9c6515cb5f2f5fcaeb436dc57813fc3bf17725d3bef222f93196f6dc02d22085a4d4678ef0eb6bfe05eb5d9cef4b69
SSDEEP

6144:rfaJyaZAgLlKnzLgSM+MgVjz4A+oIJIpENraTQyviRTV/lVSW4rK:jabAg4LXM8z4A+D+TQr9UWl

Score

N/A

Malware Config

Signatures

Files

ef10eee101858faa038368eb25bc437f055db1b4c4d5952eed5bc9ca496f6e03
.exe windows x86

02abf6c48ca8f0041d0493eb846b6840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
FindResourceW
Heap32First
LoadLibraryA
GetPrivateProfileSectionA
WaitForSingleObject
InterlockedDecrement
GetPrivateProfileIntA
GetACP
GetExitCodeProcess
SetEnvironmentVariableA
lstrcpyW
ExitProcess
GetStringTypeW
GetLongPathNameA
WriteFileEx
InterlockedIncrement
lstrcmpA
GetDiskFreeSpaceW
GetCurrentDirectoryA
VirtualAllocEx
GetDiskFreeSpaceW
GetModuleHandleW

apphelp

SdbCreateMsiTransformFile
AllowPermLayer
ApphelpCheckExe
ApphelpCheckIME

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE