a4ea84cc857b4ed32dfa2cc1c453452aec3f7e21dacb2b0cebf6e7604bf695a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ea84cc857b4ed32dfa2cc1c453452aec3f7e21dacb2b0cebf6e7604bf695a6
Size

69KB
MD5

32afb3090cfa0444842ca4216192d6b9
SHA1

c8d007fdb978106ccd0b18fc00a6232ec878cad0
SHA256

a4ea84cc857b4ed32dfa2cc1c453452aec3f7e21dacb2b0cebf6e7604bf695a6
SHA512

8cbf8e678cecd48bc11a006671a79254e4a51591ef47d5c4e5c43daeb58f8f3efdd5b8e57475552cac1fcf66e81a5b7fae29aa0f3aacb6e5f514b27731102dc0
SSDEEP

1536:oQwr5+xBWhe7migKaVCNIklb8nEX0ZT5vmMPmilg:DZkhejgKaVCNIkF8nEE55eOmug

Score

N/A

Malware Config

Signatures

Files

a4ea84cc857b4ed32dfa2cc1c453452aec3f7e21dacb2b0cebf6e7604bf695a6
.exe windows x86

68a0401b55a249dc61321505176ab2be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
GetDiskFreeSpaceW
GetACP
lstrcmpA
lstrcpyW
GetCurrentDirectoryA
LoadLibraryA
GetExitCodeProcess
VirtualAllocEx
InterlockedIncrement
GetLongPathNameA
GetPrivateProfileIntA
GetModuleHandleW
GetPrivateProfileIntA
SetEnvironmentVariableA
GetStringTypeW
WaitForSingleObject
GetPrivateProfileSectionA
FindResourceW
GetDiskFreeSpaceW
ExitProcess
InterlockedDecrement
WriteFileEx

apphelp

ApphelpCheckIME
AllowPermLayer
ApphelpCheckExe
SdbCreateMsiTransformFile

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE