84d88ef0cf2076abaf2949ea2c8df4059ab3dc17cd6b017f09a655baa92138fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84d88ef0cf2076abaf2949ea2c8df4059ab3dc17cd6b017f09a655baa92138fc
Size

309KB
MD5

152156a1532b98971290ac2375c8a950
SHA1

8dd340901a715b45cf7d46e2882031c27a031216
SHA256

84d88ef0cf2076abaf2949ea2c8df4059ab3dc17cd6b017f09a655baa92138fc
SHA512

f17e4f2cd5a1e30b58608e27b9f193ade555d6fbb3467599a03ef933156604e18bccbf1ddadac702cbb200d277cc11ffc14b11c06dac8840767567a8d13c8d49
SSDEEP

6144:/2VRWLfEQTr03LgMjpJuyN0OdLUEprDzhZL:/ljN0UMjppN0OdLUEdH

Score

N/A

Malware Config

Signatures

Files

84d88ef0cf2076abaf2949ea2c8df4059ab3dc17cd6b017f09a655baa92138fc
.exe windows x86

818e624cd5f323d1bd5b9e2288871893

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
GetModuleHandleW
WriteFileEx
GetDiskFreeSpaceW
InterlockedIncrement
GetLongPathNameA
WaitForSingleObject
GetPrivateProfileSectionA
lstrcmpA
GetCurrentDirectoryA
GetDiskFreeSpaceW
SetEnvironmentVariableA
GetPrivateProfileIntA
LoadLibraryA
GetExitCodeProcess
FindResourceW
GetStringTypeW
InterlockedDecrement
VirtualAllocEx
lstrcpyW
GetPrivateProfileIntA
ExitProcess
GetACP

apphelp

ApphelpCheckIME
ApphelpCheckExe
AllowPermLayer
SdbCreateMsiTransformFile

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE