c6e4c0597cef64dbbba116681f11fc060810eb8e647e23782ee3758c40b0b22d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6e4c0597cef64dbbba116681f11fc060810eb8e647e23782ee3758c40b0b22d
Size

64KB
MD5

3ad9c77042c7a6e622ecb582963c4050
SHA1

cb244370cb8715ad368450a241fc83aaa6ded201
SHA256

c6e4c0597cef64dbbba116681f11fc060810eb8e647e23782ee3758c40b0b22d
SHA512

1daa0052122022af43b91453476ac6dc323e48a8c5ced16e7b0e1b27dc790843de998deee71aaaca291b126fb21fb4756acf6769284c19549128cfd7471445de
SSDEEP

1536:UKDOSY52l67oixb5VqecX8fNY4xzWjmt:UKQ2l679rqew8K49WjU

Score

N/A

Malware Config

Signatures

Files

c6e4c0597cef64dbbba116681f11fc060810eb8e647e23782ee3758c40b0b22d
.exe windows x86

1b86cf46a32746ac44eda2b3e17d5d80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetFileAttributesA
LoadLibraryA
WaitForSingleObject
GetLongPathNameA
Sleep
lstrcmpA
GetPrivateProfileIntA
InterlockedDecrement
GetPrivateProfileIntA
FindResourceW
WriteFileEx
SetEnvironmentVariableA
ExitProcess
Sleep
Sleep
VirtualAllocEx
GetExitCodeProcess
GetDiskFreeSpaceW
GetDiskFreeSpaceW
lstrcpyW
InterlockedIncrement
GetPrivateProfileSectionA

apphelp

ApphelpCheckExe
SdbCreateMsiTransformFile
ApphelpCheckIME
AllowPermLayer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rss
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ