cfd553a8c08af3749c7ba379bb7e4b0fe3c5e2daa142cd9450a53f5201f952fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfd553a8c08af3749c7ba379bb7e4b0fe3c5e2daa142cd9450a53f5201f952fe
Size

121KB
MD5

1d2e382e5becf3b33600033d73457730
SHA1

70d9bdbe596cfa335064cc7df7f91bf7bd0235a4
SHA256

cfd553a8c08af3749c7ba379bb7e4b0fe3c5e2daa142cd9450a53f5201f952fe
SHA512

d35636e3a24122370b4fbc83f91c34fcbf2b7c678bc2ed0a4df51d333dab887474bc4072075984d8470bd45d7cd7faef7f43859230ed8f8ce6996fd499e51f07
SSDEEP

3072:OWhF0ntpATNiELia2+RMk+SIfgWLl7dfi8Se78:WnwTNi9lCXwgufVSe78

Score

N/A

Malware Config

Signatures

Files

cfd553a8c08af3749c7ba379bb7e4b0fe3c5e2daa142cd9450a53f5201f952fe
.exe windows x86

028a4752c3c4261511a9829caf2cc494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
FindResourceW
LoadLibraryA
GetExitCodeProcess
GetPrivateProfileIntA
SetEnvironmentVariableA
Sleep
GetACP
Heap32First
Sleep
VirtualAllocEx
InterlockedDecrement
GetModuleHandleW
WaitForSingleObject
GetPrivateProfileSectionA
GetLongPathNameA
WriteFileEx
GetDiskFreeSpaceW
ExitProcess
lstrcmpA
GetDiskFreeSpaceW
lstrcpyW
InterlockedIncrement

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ