8afda971f13deac3a9be500fcdb6f29dbbe9fa640fd9b92a6775df0ffaaf530f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8afda971f13deac3a9be500fcdb6f29dbbe9fa640fd9b92a6775df0ffaaf530f
Size

9.0MB
MD5

08b9315067f69dbd189a9217c82e10c5
SHA1

c945bbf92b6653afb19463b8db8c33aeda806e0e
SHA256

8afda971f13deac3a9be500fcdb6f29dbbe9fa640fd9b92a6775df0ffaaf530f
SHA512

5bf3f69e3b6a23693d2e59505fa7ae892ea2aa81480c94da1c3f40e686ab0cde534ee769028c7a8732103d459a4cff02c58e2149e9078909304c959c02328f99
SSDEEP

196608:xJyg85iP6gOjZuIhWzwq3cdtMvbD2iF44FIlYNNqPTaz/sUDor9ib:xJdBPNOtBhBq3cwUE28Mri/X8r9ib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8afda971f13deac3a9be500fcdb6f29dbbe9fa640fd9b92a6775df0ffaaf530f

Files

8afda971f13deac3a9be500fcdb6f29dbbe9fa640fd9b92a6775df0ffaaf530f
.exe windows:4 windows x64 arch:x64

938a2cd4dd6d8a7ae82cf7f0e13f7342

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle

msvcrt

__C_specific_handler

shell32

SHFileOperationW

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegSetValueExA

Sections

.text
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ