8854b325f80cdbdb4213ea0d8f36d86052018d51c5c85b37942f64b9f0bdd9c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8854b325f80cdbdb4213ea0d8f36d86052018d51c5c85b37942f64b9f0bdd9c0
Size

127KB
MD5

064a64a440ed1dd9aee6023e897fdac0
SHA1

9446e2ba4d66e2f540bf3ace93d3ea31b8030f21
SHA256

8854b325f80cdbdb4213ea0d8f36d86052018d51c5c85b37942f64b9f0bdd9c0
SHA512

31d5bfd09e3b52693964c46466eedc48911e5e6a2d5becc104410395912543605097be64b9a120a1bdb32f8d210837705099cdde3ead679f4e015169344eafd1
SSDEEP

3072:V85uAcY3BxT7BTkah6vh9aPomz/wyfUE:O5zcYLTeRh9az0iUE

Score

N/A

Malware Config

Signatures

Files

8854b325f80cdbdb4213ea0d8f36d86052018d51c5c85b37942f64b9f0bdd9c0
.exe windows x86

9c6b1fd52710dd360451112f2243e509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFileEx
GetPrivateProfileSectionA
FindResourceW
WaitForSingleObject
GetLongPathNameA
VirtualAllocEx
LoadLibraryA
GetPrivateProfileIntA
lstrcmpA
GetModuleHandleW
GetExitCodeProcess
InterlockedIncrement
GetPrivateProfileIntA
Heap32First
InterlockedDecrement
GetACP
GetCurrentDirectoryA
GetStringTypeW
ExitProcess
lstrcpyW
GetDiskFreeSpaceW
SetEnvironmentVariableA
GetDiskFreeSpaceW

apphelp

ApphelpCheckIME
ApphelpCheckExe
SdbCreateMsiTransformFile
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE