8f3be2808b35a699cbb445c1cba2d21699cb93c17423d5d9c0498575d45a656a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f3be2808b35a699cbb445c1cba2d21699cb93c17423d5d9c0498575d45a656a
Size

15.3MB
MD5

35bb1b420c14be5fa7a173e9744d19f0
SHA1

cdd666a46325854a1cc4da39828d1ba87c722bc3
SHA256

8f3be2808b35a699cbb445c1cba2d21699cb93c17423d5d9c0498575d45a656a
SHA512

9d7643576a69d1752cf04124eaf1085990bae7cf7d10c009a2b439897c3ebda2dcf31167a4a9ca16feb869df01b4ba7c9c89e92fda2299e5079507d160844350
SSDEEP

196608:GNwn3+1EROkY059U7MkCKg7XRUE/41Jomc4SbxPBRin4is:/sEVY0wOX+bR4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f3be2808b35a699cbb445c1cba2d21699cb93c17423d5d9c0498575d45a656a

Files

8f3be2808b35a699cbb445c1cba2d21699cb93c17423d5d9c0498575d45a656a
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ruttaiat
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rfiqlosw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE