8d7556da4f665f3f0549450dad7bb11ebaa6a7c2cfc44b9441b39bb51838d78d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d7556da4f665f3f0549450dad7bb11ebaa6a7c2cfc44b9441b39bb51838d78d
Size

92KB
MD5

66e670b9fa252e637726268bd3af697b
SHA1

f5da3977c9889226b398b6b80953423e4807678f
SHA256

8d7556da4f665f3f0549450dad7bb11ebaa6a7c2cfc44b9441b39bb51838d78d
SHA512

c82574c35536cf6bd77268c840f93b2a53b7bffdb5c9451fbf92ff9f4585f090b213037c4bd3e6e125b81cdea88b03b53a4444377974f604c4b8399cb92f1e1d
SSDEEP

1536:UVdkapz0nMLC4EZklMPnsTIYk//Xd1TR/FMxoRjEErxTWDTMqhGKYIZTET8u5j6d:Idj+MLC4EZkKPnsTIYATxFwOjBkMqhGf

Score

N/A

Malware Config

Signatures

Files

8d7556da4f665f3f0549450dad7bb11ebaa6a7c2cfc44b9441b39bb51838d78d
.exe windows x86

4fc5088c0b5484dcc373b2d7beef85bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
AllocConsole
FindFirstFileExA
PrivCopyFileExW
SetEnvironmentVariableA
LZSeek
ResetWriteWatch
CreateNlsSecurityDescriptor
FindActCtxSectionStringW
ZombifyActCtx
SetTermsrvAppInstallMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 26KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE