8fa39ca3644b4bcf974e357823e37132b9ce8a30d52d9d8a542d63cacf1c5234 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fa39ca3644b4bcf974e357823e37132b9ce8a30d52d9d8a542d63cacf1c5234
Size

162KB
MD5

cda1b703f53aaf429489b376da8b0448
SHA1

846692c9963b7aec19223f0f2ea6435c9f3f88fa
SHA256

8fa39ca3644b4bcf974e357823e37132b9ce8a30d52d9d8a542d63cacf1c5234
SHA512

ceaed193c210a7ffb83b63949fd7f2a29511fcec2a8eeff3b820dc9a7f5b26516de73d52cf16a926af7ee054523b8b6ddbd61f6f82db68b99607f88ada10e8e4
SSDEEP

1536:+/UurvDQ8AyDAQcMSurvDQ8AyDAQcMDurvDQ8AyDAQcM:uBoevcmoevctoevc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fa39ca3644b4bcf974e357823e37132b9ce8a30d52d9d8a542d63cacf1c5234

Files

8fa39ca3644b4bcf974e357823e37132b9ce8a30d52d9d8a542d63cacf1c5234
.exe windows:6 windows x64

f7be1e25d5870f7da94f805588b6d3b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

qal

LoadAllocator

kernel32

GetModuleHandleW
GetProcAddress
LoadLibraryW
GetStartupInfoW
ExitProcess
GetCommandLineA

Sections

.text
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ