cfeeb02936eba4c2e54258798aeb361f26947e0698f701e6cb037473e07e2a0e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfeeb02936eba4c2e54258798aeb361f26947e0698f701e6cb037473e07e2a0e
Size

310KB
MD5

358557f8254b4807b6c6d03764d53ca0
SHA1

b231f6b254a8881911e2d4eb5514353fb2f2c40e
SHA256

cfeeb02936eba4c2e54258798aeb361f26947e0698f701e6cb037473e07e2a0e
SHA512

4e8926852db1ff2f34bf50c7f129445c04483f2b6ed54ad5b43e8991842bec7dbf01d12845d4a989f5e73c5e634c6ecd5689739b8f70701044a4e617f652e65d
SSDEEP

6144:qWp7qodnmSaGRYeURlq0v6RdS40NOKRbzG:xp7qodmSNCD3v6OsM2

Score

N/A

Malware Config

Signatures

Files

cfeeb02936eba4c2e54258798aeb361f26947e0698f701e6cb037473e07e2a0e
.exe windows x86

891ca8defa1f29093063067a8db5450e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
Sleep
GetPrivateProfileIntA
GetDiskFreeSpaceW
GetPrivateProfileSectionA
GetPrivateProfileIntA
GetACP
WriteFileEx
GetDiskFreeSpaceW
WaitForSingleObject
FindResourceW
InterlockedDecrement
InterlockedIncrement
Heap32First
SetEnvironmentVariableA
lstrcmpA
LoadLibraryA
VirtualAllocEx
lstrcpyW
GetModuleHandleW
ExitProcess
GetExitCodeProcess
GetLongPathNameA

apphelp

ApphelpCheckExe
AllowPermLayer
ApphelpCheckIME
SdbCreateMsiTransformFile

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ