f8bbdae951ad75fc50e73b9c33f88cdd87d92b1c791738937f0ff9e0479e8135 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8bbdae951ad75fc50e73b9c33f88cdd87d92b1c791738937f0ff9e0479e8135
Size

309KB
MD5

7f38f46a2ee98dd62f3366a24946dd1c
SHA1

7695ea13809056d852920dcd6e462fb2ae91e44b
SHA256

f8bbdae951ad75fc50e73b9c33f88cdd87d92b1c791738937f0ff9e0479e8135
SHA512

36566162610fd1e6bd03734194d88d1210794fc04319cb46db55c2adb22d17bf85a25c7363d2d2cf5d02f86c092585865fa69ef4ade7334aca056a7a1e54dc8c
SSDEEP

6144:eWWDPrM5d6/QxWVuc2QXHPoSdmBMiAWOY4iPNqqlRwB:jSA5M/wgtlHgSMqiAt8qqH4

Score

N/A

Malware Config

Signatures

Files

f8bbdae951ad75fc50e73b9c33f88cdd87d92b1c791738937f0ff9e0479e8135
.exe windows x86

461322a695e0dd4e0932a7ce35d10a88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
GetPrivateProfileIntA
FindResourceW
GetDiskFreeSpaceW
LoadLibraryA
ExitProcess
lstrcmpA
lstrcpyW
GetDiskFreeSpaceW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileSectionA
GetPrivateProfileIntA
GetLongPathNameA
GetExitCodeProcess
VirtualAllocEx
Heap32First
GetStringTypeW
GetCurrentDirectoryA
GetACP
WriteFileEx
WaitForSingleObject

apphelp

SdbCreateMsiTransformFile
AllowPermLayer
ApphelpCheckExe
ApphelpCheckIME

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE