c8d6b65fd603c1f192e2bdb076f39160_exe32[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8d6b65fd603c1f192e2bdb076f39160_exe32.exe
Size

66KB
MD5

c8d6b65fd603c1f192e2bdb076f39160
SHA1

a517883a92a2b59e77db5f0d970e5fa2dc531496
SHA256

727f1a649a0244715c1d9092d37b995de81feb192c321c420f95961186c7c678
SHA512

68ed3ea3a1558d921501380b2c3013afb28ecaae81bdd6e9360d70e2a52f5a50285ff0a9f3a8e3622bb3c71a78f89d45a61ae4178f50c66d84f17e4bb7dd3466
SSDEEP

1536:ylWteOeCj65eaHSsDMQcFJ2XOvv+NQBtheWmvLXIfW2+Ku7:9t1pz1sgTSOvGNSmjIe2+Ku7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d6b65fd603c1f192e2bdb076f39160_exe32.exe

Files

c8d6b65fd603c1f192e2bdb076f39160_exe32.exe
.exe windows:4 windows x86

4f95c6478827388689344ac485aca83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PackageFamilyNameFromId
ResolveDelayLoadedAPI
NlsEventDataDescCreate
WerRegisterMemoryBlock
GetGeoInfoW
LocalFree
ConsoleMenuControl
WriteConsoleW
WerUnregisterRuntimeExceptionModuleWorker
SetDefaultCommConfigW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE