d41bccd129c77cd056954288d5f6dddd6452ee01a69d298c6c06efe9bd3c7181 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d41bccd129c77cd056954288d5f6dddd6452ee01a69d298c6c06efe9bd3c7181
Size

8KB
MD5

12808ba5edd8ca8d96db05f2924b2b70
SHA1

de30cdcb39d5faa9a3159fd0f4e9e83c1dd06b53
SHA256

d41bccd129c77cd056954288d5f6dddd6452ee01a69d298c6c06efe9bd3c7181
SHA512

e905eefbf71e050208c05d7569128defa4f006377b81ee93b4170b68f0a95f4c27560f66868f463998e30972b4d8947b14acca00ce8892b10a15caa68cac0281
SSDEEP

192:lkN8R5u1lK6+TMk18iKYOuf8A9nwcoCvQ/S:lkN8R5uXK6+TMk18iKYj0Axw9C4/S

Score

N/A

Malware Config

Signatures

Files

d41bccd129c77cd056954288d5f6dddd6452ee01a69d298c6c06efe9bd3c7181
.exe windows x86

c05ef5ec05d4c28010233849e3c30851

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
InterlockedIncrement
WaitForSingleObject
GetDiskFreeSpaceW
GetPrivateProfileIntA
GetPrivateProfileSectionA
ExitProcess
VirtualAllocEx
SetEnvironmentVariableA
InterlockedDecrement
Sleep
GetLongPathNameA
GetModuleHandleW
GetPrivateProfileIntA
GetACP
Sleep
Heap32First
FindResourceW
LoadLibraryA
GetDiskFreeSpaceW
lstrcpyW
WriteFileEx
GetExitCodeProcess

apphelp

SdbCreateMsiTransformFile
ApphelpCheckExe
ApphelpCheckIME
AllowPermLayer

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ