654d8ba64a1730400d9286224380950e2d1f4bce24fab476263705f33c95d5f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

654d8ba64a1730400d9286224380950e2d1f4bce24fab476263705f33c95d5f1
Size

832KB
MD5

52d15c0f0d3a8fe5e7fe57af85bab760
SHA1

b72634775112092cc4294009be0b169849e0c49e
SHA256

654d8ba64a1730400d9286224380950e2d1f4bce24fab476263705f33c95d5f1
SHA512

a9510516927ba0b0ab173e7180d099f6bfde31bea07a02d59c5078b2adb38ed0a6b3e4fe5e7ac9919d9a46bd80c2e78eb00f33c3d380b7f549ee59144292c139
SSDEEP

12288:6yMETYUsxbjTz7LtXjhdLwqH956D8leLdKRP/PM5Z/oECxuIKe8JSSPTrenZg:IETY5PTHZThZlgFLdj5ZAxsBMAWg

Score

N/A

Malware Config

Signatures

Files

654d8ba64a1730400d9286224380950e2d1f4bce24fab476263705f33c95d5f1
.exe windows x86

1577300ab01e6da7aa18a385d535e2d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenSemaphoreW
SetStdHandle
VirtualAllocEx
CreateEventW
GetCommandLineW
GetDiskFreeSpaceA
SetLocaleInfoA
GetProcessVersion
SearchPathA
GetFullPathNameW
FreeEnvironmentStringsA
SetCurrentDirectoryA
OpenMutexW
WaitForMultipleObjects
LoadLibraryA
MoveFileExW
GetBinaryTypeA

msctf

TF_RunInputCPL
TF_CreateLangBarMgr
TF_CreateThreadMgr
TF_CreateCategoryMgr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 813KB - Virtual size: 2.2MB

IMAGE_SCN_MEM_READ