dc297bd4792acd9301a318aa8d50b4e7806394e76aefa7f5d44bf7d379f73eea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc297bd4792acd9301a318aa8d50b4e7806394e76aefa7f5d44bf7d379f73eea
Size

122KB
MD5

266580f9ba63100c4fa13f1426f319b0
SHA1

c0a50a5bd37877f9c6e79316dc6fe0525d822972
SHA256

dc297bd4792acd9301a318aa8d50b4e7806394e76aefa7f5d44bf7d379f73eea
SHA512

b316fee73e61c12d161739f7b094bb4c851f09258de50c916d5a654142f321faa43103336f5cf79c8c6de0a60069f468a7b10ff2589aedf2b83410d1c3d2256b
SSDEEP

3072:IhJCFuT3cBlRt5427hr5vqGa0il2P9w4tATe:IzWk3SR82NrFSOPbtATe

Score

N/A

Malware Config

Signatures

Files

dc297bd4792acd9301a318aa8d50b4e7806394e76aefa7f5d44bf7d379f73eea
.exe windows x86

05db863b00775ad46a09d65c3cb775e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
WriteFileEx
VirtualAllocEx
WaitForSingleObject
GetPrivateProfileSectionA
LoadLibraryA
GetPrivateProfileIntA
GetDiskFreeSpaceW
InterlockedIncrement
SetEnvironmentVariableA
lstrcpyW
GetLongPathNameA
ExitProcess
GetDiskFreeSpaceW
GetExitCodeProcess
Sleep
Sleep
InterlockedDecrement
FindResourceW
Sleep
GetPrivateProfileIntA
CreateDirectoryA
GetFileAttributesA

apphelp

ApphelpCheckExe
ApphelpCheckIME
AllowPermLayer
SdbCreateMsiTransformFile

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ