85021d563680d089b4fc9e843affc12fc50d36dcd844ded5ccbd1b9c243af6f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85021d563680d089b4fc9e843affc12fc50d36dcd844ded5ccbd1b9c243af6f8
Size

120KB
MD5

129b2bc112da845786b830d59a395990
SHA1

39e09ef24debc7d534227a27fc8824aee5da893c
SHA256

85021d563680d089b4fc9e843affc12fc50d36dcd844ded5ccbd1b9c243af6f8
SHA512

cfa8f52963d0db05396cf271ec8fd8ce7eab161ee6d4c54a62d481df0970c7078ffe40c937618f37ee5fc4a77b974f9d3bbe11a06013e8fb51d43b6aa1b887c8
SSDEEP

1536:w/RaD/wO4XVHz5DfNaxUjigVNIizRvQdZGFLrDHjV5nPbQueqO0g95a:w/oDYO4XVH2C1zedcPrjL8ukVfa

Score

N/A

Malware Config

Signatures

Files

85021d563680d089b4fc9e843affc12fc50d36dcd844ded5ccbd1b9c243af6f8
.exe windows x86

5304995ed17e0ceb407b08bacc863b5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetModuleHandleW
lstrcpyW
GetDiskFreeSpaceW
GetStringTypeW
lstrcmpA
GetCurrentDirectoryA
InterlockedDecrement
Heap32First
GetPrivateProfileIntA
SetEnvironmentVariableA
WaitForSingleObject
ExitProcess
VirtualAllocEx
LoadLibraryA
GetExitCodeProcess
GetPrivateProfileIntA
GetDiskFreeSpaceW
GetLongPathNameA
WriteFileEx
GetPrivateProfileSectionA
InterlockedIncrement
FindResourceW

apphelp

ApphelpCheckIME
AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckExe

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE