8ed28c9b264b530b788048c783f61e62af50081ea964efdf59f66efd2d0685d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ed28c9b264b530b788048c783f61e62af50081ea964efdf59f66efd2d0685d3
Size

376KB
MD5

ecaa76db1cd16499bc026ae093d19238
SHA1

90e13f92139f307076cb63398ee3c6d0304d585c
SHA256

8ed28c9b264b530b788048c783f61e62af50081ea964efdf59f66efd2d0685d3
SHA512

a995bf697f1a7c7e895fdf01a9c1cadac11640101d852d37693f20494aee2301e19c045fdb81b7f6fc87a721504bd15c0a9c76002b449d14405329149e426528
SSDEEP

6144:Imu5ByjL/dsBbjdYOh1qynUud3f5FlQMjd21L6piRoof8vmlgzJ:ItOPyddi9k3xFmMp2BOof8Ol

Score

N/A

Malware Config

Signatures

Files

8ed28c9b264b530b788048c783f61e62af50081ea964efdf59f66efd2d0685d3
.exe windows x86

d9e64c646c5a52747efc8fea7b277555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetEnvironmentVariableA
GetVersion
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetCommandLineA
GetLastError
GetModuleHandleA
ExitProcess
VirtualAlloc
GetStartupInfoA

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_strcmpi

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

geoym
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

aaegu
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ausyce
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE