dce5646afd126f7e1b13f28d9042d4bc32cc9f1921c2887329a67f0b9db99525 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dce5646afd126f7e1b13f28d9042d4bc32cc9f1921c2887329a67f0b9db99525
Size

121KB
MD5

508e6d5e7afa43cb69f1a12694149ad0
SHA1

f45c35f6c09fc27b577d92c80b9c6de076208e91
SHA256

dce5646afd126f7e1b13f28d9042d4bc32cc9f1921c2887329a67f0b9db99525
SHA512

0aba45b2051e1c94874e1bd552b8c72f8fee6ad08396bbde6c6650c4070553b2842683e2ddc549b910bb076670d3faa3195f17e912af90921e1fd3f501c6eb66
SSDEEP

1536:SZNa2J7jo/pHlOXwwDk2RA5ym2t8Qt3WXQV8dA8OEnA:SNjo/p1Qk2eZyt3bV8dA8tA

Score

N/A

Malware Config

Signatures

Files

dce5646afd126f7e1b13f28d9042d4bc32cc9f1921c2887329a67f0b9db99525
.exe windows x86

1de48d63070f069f32af0a09cc72767e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
InterlockedDecrement
GetModuleHandleW
InterlockedIncrement
Heap32First
VirtualAllocEx
GetPrivateProfileIntA
GetDiskFreeSpaceW
GetLongPathNameA
GetDiskFreeSpaceW
LoadLibraryA
GetACP
GetExitCodeProcess
GetCurrentDirectoryA
WaitForSingleObject
GetPrivateProfileIntA
GetPrivateProfileSectionA
WriteFileEx
lstrcpyW
ExitProcess
FindResourceW
GetStringTypeW
SetEnvironmentVariableA

apphelp

AllowPermLayer
ApphelpCheckIME
SdbCreateMsiTransformFile
ApphelpCheckExe

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE