8e50dd6bd78084571416c2fd8c04420e7b496a45ab77fc7161752f2b1efca9fe | Triage

Sharing

General

Target

8e50dd6bd78084571416c2fd8c04420e7b496a45ab77fc7161752f2b1efca9fe
Size

798KB
MD5

98478e65c087d188ac9e59c9ac929d7a
SHA1

1e30fab383c9c3dd82eda7545c098be95ac235a5
SHA256

8e50dd6bd78084571416c2fd8c04420e7b496a45ab77fc7161752f2b1efca9fe
SHA512

345ec8463491ffab28b05a8c35f62dcb215d04a7aef47970e94f0dc8d37ed03cd6665b99d9bc19fc04e2f99ff4fb069d7ebb6e44e2f8c6dc6c12e38bd3b6e9e4
SSDEEP

12288:I4C/XYEijqHXAOSVF6B9VC4C/XYEijqHXAOSVF6B9Vf4C/XYEijqHXAOSVF6B9VR:0/ItONY/ItONp/ItONLuvLLZyTrmfwJ

Score

1^/10

Malware Config

Signatures

NSIS installer 1 IoCs
installer

Processes:

resource yara_rule

sample nsis_installer_1

Files

8e50dd6bd78084571416c2fd8c04420e7b496a45ab77fc7161752f2b1efca9fe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.khe
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE