7f9da36105153844de34e24d41849818235c785b1ffa933bf38a63090e2d0fbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f9da36105153844de34e24d41849818235c785b1ffa933bf38a63090e2d0fbd
Size

310KB
MD5

142a9ecebf682c36ed3ada3510cef830
SHA1

f127ec85d5db83991dd2587f0d5f1c866ecb4cef
SHA256

7f9da36105153844de34e24d41849818235c785b1ffa933bf38a63090e2d0fbd
SHA512

b688d0bf3496a70490d4fd01390f5892b217109c1a7876cd0a8a97fa484086b9eb1dc484bbf287aeaccc7c86dda5d05dc86281816037de45e2b1d2d9f0727cc3
SSDEEP

6144:8uTQh6Y42vE0yazJTG2Z++8QV71eX4/x7mGyI2w0N0pqYXq9rrfygIRn:8Q3x2vEpa/+EVjx7bGwu3ygIJ

Score

N/A

Malware Config

Signatures

Files

7f9da36105153844de34e24d41849818235c785b1ffa933bf38a63090e2d0fbd
.exe windows x86

5be6e505b228c85bae6aa924d2fb6def

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
WriteFileEx
GetDiskFreeSpaceW
lstrcmpA
Sleep
GetPrivateProfileIntA
GetDiskFreeSpaceW
GetExitCodeProcess
Sleep
SetEnvironmentVariableA
VirtualAllocEx
GetLongPathNameA
FindResourceW
LoadLibraryA
ExitProcess
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileSectionA
Sleep
GetPrivateProfileIntA
lstrcpyW
WaitForSingleObject
CreateDirectoryA

apphelp

ApphelpCheckIME
ApphelpCheckExe
SdbCreateMsiTransformFile
AllowPermLayer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ