9d4e2712465e8039e0af3e39056c2a03bd171eb5a4172280897ea653fa2571ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d4e2712465e8039e0af3e39056c2a03bd171eb5a4172280897ea653fa2571ba
Size

126KB
MD5

436bf6c1a38eabef495fe3a143aa6327
SHA1

8f8aabf69ee409c181d70322559275509bc0dc7b
SHA256

9d4e2712465e8039e0af3e39056c2a03bd171eb5a4172280897ea653fa2571ba
SHA512

e6976b10b225e01de8371ba54e1b49380359bb29a91817f63b37a407979bfdb28273e117fa501dcbd801bba7466057d99ee6dd547bb0cf29fbd9beabac2236d0
SSDEEP

3072:kDvfuws4esmPj56UIowa+CBhXcKn7can/X4DKMMmZ:SvfVs4esCrIoNRBhXcScauemZ

Score

N/A

Malware Config

Signatures

Files

9d4e2712465e8039e0af3e39056c2a03bd171eb5a4172280897ea653fa2571ba
.exe windows x86

5a8d8fa747cd4a6bf4c5cf9977bb2687

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
GetLongPathNameA
VirtualAllocEx
InterlockedDecrement
InterlockedIncrement
lstrcmpA
WaitForSingleObject
GetStringTypeW
ExitProcess
GetPrivateProfileIntA
GetPrivateProfileIntA
GetModuleHandleW
FindResourceW
lstrcpyW
GetDiskFreeSpaceW
GetDiskFreeSpaceW
GetExitCodeProcess
WriteFileEx
GetPrivateProfileSectionA
GetACP
LoadLibraryA
SetEnvironmentVariableA
GetCurrentDirectoryA

apphelp

ApphelpCheckIME
AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckExe

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE