36f76cd78f145e9b8a9f0b2276d2bce25dc871bdecb557b4affcd00c51ea0cbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f76cd78f145e9b8a9f0b2276d2bce25dc871bdecb557b4affcd00c51ea0cbe
Size

303KB
MD5

98e89be55363201530a511178cab14d0
SHA1

848c615b2ec50ef8e2c6b39d29765fb0190b4bc6
SHA256

36f76cd78f145e9b8a9f0b2276d2bce25dc871bdecb557b4affcd00c51ea0cbe
SHA512

aa5d922174e3edf244f08f30b6f168a6f09300fd7455e71063a711579ba48938564b6206651344d5ecf274b13298b9e7bf1099f7bcc30a4c4dfed1e91e8a4c1f
SSDEEP

6144:jXQqtgtqB9TRT7lC5E0W741f/N7e2QQ0Fxmg92eFT8:jgqtgt8Zhg+0Ff/tkW4Y

Score

N/A

Malware Config

Signatures

Files

36f76cd78f145e9b8a9f0b2276d2bce25dc871bdecb557b4affcd00c51ea0cbe
.exe windows x86

b826356642d3888810eec76ab2d4c162

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameA
lstrcmpA
GetPrivateProfileIntA
GetFileAttributesA
LoadLibraryA
InterlockedIncrement
SetEnvironmentVariableA
GetPrivateProfileSectionA
ExitProcess
GetDiskFreeSpaceW
GetPrivateProfileIntA
Sleep
InterlockedDecrement
GetExitCodeProcess
lstrcpyW
VirtualAllocEx
GetDiskFreeSpaceW
WaitForSingleObject
Sleep
WriteFileEx
FindResourceW
Sleep
CreateDirectoryA

apphelp

ApphelpCheckIME
ApphelpCheckExe
SdbCreateMsiTransformFile
AllowPermLayer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ