8b6dc99082dd2b785ba78178ba379bfe25a74ffd1fb721ad6d5b3427b28380f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b6dc99082dd2b785ba78178ba379bfe25a74ffd1fb721ad6d5b3427b28380f8
Size

44KB
MD5

09245ba6376e221852161b10a961054e
SHA1

7eaff4b17a06804e19402a57c604891d46aaca21
SHA256

8b6dc99082dd2b785ba78178ba379bfe25a74ffd1fb721ad6d5b3427b28380f8
SHA512

fd88b86229550342d1c1b2c529d8c55d3d38e18ee0fa4e22f39a4b7b160feb667e46b4b9af8901bef5c16e3104c6096ab42eacb7b62fa27ebd239380f840eb9e
SSDEEP

384:gI9GB+MuPp5GZ8ClqSRRI4iGS/nWDyCjrF6oZ/xyc:g2GBNpZTpGQrnF6otxyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6dc99082dd2b785ba78178ba379bfe25a74ffd1fb721ad6d5b3427b28380f8

Files

8b6dc99082dd2b785ba78178ba379bfe25a74ffd1fb721ad6d5b3427b28380f8
.exe windows:4 windows x86

722f1e124a7b6ad9c9c52b9052a4de60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wmvert

wm_CreateWindowFromTemplate
wm_NotifySys
wm_OpenDlg
wm_LoadWin

kernel32

GetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ