8bcd1fa0ecc7b10955d2fa699ab4fde2e52b9459c82575516e3e94c380faca3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bcd1fa0ecc7b10955d2fa699ab4fde2e52b9459c82575516e3e94c380faca3d
Size

281KB
MD5

24a931b184d4b122a22e22e74681e77f
SHA1

40aca10f361b4be41d373695c608d828d24395f8
SHA256

8bcd1fa0ecc7b10955d2fa699ab4fde2e52b9459c82575516e3e94c380faca3d
SHA512

728b9fb866f4491e8ba18dbd82bcbcdb90c46ddbfdccfc0feb1838ff4ab494e021139e929b9fcffe235e5a3b837ee896a992edc1a4e8c88c1d1e8119ac8bd0b8
SSDEEP

6144:TZiyUONuDlfaPQx6BPpLoWjQr5bxtGiN0Q9C9HBo5uulyv1gggT:TUHONuGQcLLoWjQPt/lg9eO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bcd1fa0ecc7b10955d2fa699ab4fde2e52b9459c82575516e3e94c380faca3d

Files

8bcd1fa0ecc7b10955d2fa699ab4fde2e52b9459c82575516e3e94c380faca3d
.exe windows x86

7080b8d94a427465e8851e1d182e93a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

dhplay

_PLAY_SetWaterMarkCallBackEx@12

user32

DeferWindowPos

gdi32

CreateRectRgn

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW

advapi32

RegEnumKeyW

shell32

SHGetPathFromIDListW

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter

oleaut32

SysAllocString

Sections

.text
Size: 253KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE