8b9a6b3224b38be84527a47a72eea700_exe32[.]exe

General

Target

8b9a6b3224b38be84527a47a72eea700_exe32.exe
Size

244KB
MD5

8b9a6b3224b38be84527a47a72eea700
SHA1

f3773b4b4bfc1e2195a78e8f299863f36cff8fb3
SHA256

ec7fabb6151e6176e5927a0e9ee7fe61aaf10839dd4233063347f27e7bb9bc73
SHA512

d2f1a8f7c8b72bb6637907508d3fed164a75bf32d0f616ca67add506496c0970d064d5d8f41eb81ba95d44abe4f7b482318cf0c72c6e8b49467757ad914ae8c9
SSDEEP

6144:wi24esCw9XzUEJy3BkGZMd5MKZChCJgQzoSXF:klsCuX4E4fZMdDB0S1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b9a6b3224b38be84527a47a72eea700_exe32.exe

Files

8b9a6b3224b38be84527a47a72eea700_exe32.exe
.exe windows:4 windows x86

69a1e26950694cd289806bb76aa828c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
EnterCriticalSection
GetVersion
GetComputerNameW
GetTickCount
RemoveDirectoryW
GetCurrentProcess
TransactNamedPipe
UnlockFile
UnmapViewOfFile
FindCloseChangeNotification
GetTimeZoneInformation
GetVersionExA
GlobalAlloc
SetEndOfFile
CreateFileMappingW
ExpandEnvironmentStringsW
GetProcAddress
GetEnvironmentVariableW
LoadLibraryA
GetModuleFileNameW
VirtualQueryEx
SetFileTime
GetSystemTime
FindResourceW
MoveFileExW
GetWindowsDirectoryW
InterlockedExchangeAdd
GetLongPathNameW
FindNextFileW
GetEnvironmentStringsW
DeviceIoControl
VirtualAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69a1e26950694cd289806bb76aa828c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 227KB - Virtual size: 227KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 227KB - Virtual size: 227KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 2KB