8dc67a661404197b45826b6592c927fe5a77761ed991fb641364584fc9c94753 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8dc67a661404197b45826b6592c927fe5a77761ed991fb641364584fc9c94753
Size

120KB
MD5

492b5f28f1947b0553eb005eeaf80de0
SHA1

439ef3e0d2a5de6b1a4f715fa3745b8865aabfeb
SHA256

8dc67a661404197b45826b6592c927fe5a77761ed991fb641364584fc9c94753
SHA512

4e48a5cd475d1dc8ab8df28407ab086a948d993926beb7b08610cc9f7e33564779c5e11873e222caa63d14b9b211a66a54f756b01bccb325e35721073f6b0db2
SSDEEP

1536:G4MQ2jTMU5A+LmSgQ2OU5C8R5Qx1faN8n5CTktgJQHJmWmI+GOXwd1CHu/T:Gnz8SgQ2r535Q1faKCwdp3OXwd1CO/T

Score

N/A

Malware Config

Signatures

Files

8dc67a661404197b45826b6592c927fe5a77761ed991fb641364584fc9c94753
.exe windows x86

cf34a4ec100ba8e3bb966fe821f98131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
lstrcmpA
VirtualAllocEx
WriteFileEx
ExitProcess
GetPrivateProfileIntA
InterlockedDecrement
GetLongPathNameA
LoadLibraryA
InterlockedIncrement
lstrcpyW
GetModuleHandleW
GetDiskFreeSpaceW
WaitForSingleObject
GetPrivateProfileIntA
GetCurrentDirectoryA
Heap32First
GetExitCodeProcess
GetStringTypeW
GetPrivateProfileSectionA
GetDiskFreeSpaceW
SetEnvironmentVariableA
GetACP

apphelp

SdbCreateMsiTransformFile
ApphelpCheckExe
ApphelpCheckIME
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE