d36364136d8af7eaea062e77a21366d3f6ff144a7ed6547a14c68bad933b03b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d36364136d8af7eaea062e77a21366d3f6ff144a7ed6547a14c68bad933b03b4
Size

126KB
MD5

292a74fa5ea12aa66a40e50f0bda9ee0
SHA1

2c230c1cc3ad40f081cbbd03b29d8b303d56212b
SHA256

d36364136d8af7eaea062e77a21366d3f6ff144a7ed6547a14c68bad933b03b4
SHA512

143d2f644274018d5da7b796dd34de0de62e105ae37462e0fb6e81b12deffb23300d68bbad6856310e9f79e25962d7db03fafade4f70a830736935b1b6694ee3
SSDEEP

1536:ozYesFOxcPEDWP9AIMzLWlAoqNMTU73pkRNTGC4wSCxlQ/+KZX3x5LWSPJXRAjtG:oZWWWizLWTTU73ptC4FT9p7ABbn7adp

Score

N/A

Malware Config

Signatures

Files

d36364136d8af7eaea062e77a21366d3f6ff144a7ed6547a14c68bad933b03b4
.exe windows x86

8937f2c01e26bdd7b2969c0b7ab36a12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
SetEnvironmentVariableA
GetACP
GetStringTypeW
GetPrivateProfileIntA
lstrcpyW
GetExitCodeProcess
GetDiskFreeSpaceW
InterlockedIncrement
GetPrivateProfileIntA
LoadLibraryA
lstrcmpA
GetPrivateProfileSectionA
FindResourceW
GetModuleHandleW
WriteFileEx
ExitProcess
VirtualAllocEx
GetLongPathNameA
InterlockedDecrement
GetDiskFreeSpaceW
GetCurrentDirectoryA
WaitForSingleObject

apphelp

ApphelpCheckExe
AllowPermLayer
ApphelpCheckIME
SdbCreateMsiTransformFile

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE