08380be0e583f11a82c29ed749b0090b | Triage

Sharing

General

Target

08380be0e583f11a82c29ed749b0090b
Size

746KB
MD5

08380be0e583f11a82c29ed749b0090b
SHA1

84fd59d1a84f2e8e1a761dc1b1613ee4c038f90b
SHA256

35d112cabadbe1e6b900ac747070acfa820bdf8bdc834c75eecce5cb898aec74
SHA512

0f3ff1b48aa800b1d780dc2e55a86e568aebc8bedf076261e03eb7b62807b29a35cbe9fd6dd54892f20b179440cf5f47b74a5c4eb1bb0ae6ccdd1363109fab02
SSDEEP

12288:XmHr55SZ9tZ5eb9s0LZ+3bgZBiXhFArWDFrKc5/Tp+aqMrK4wUNqYNmsNFEJ9/Jx:fZORsb3ELUhFDWc5/T4aJ1FNXNFEJ9P7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08380be0e583f11a82c29ed749b0090b

Files

08380be0e583f11a82c29ed749b0090b
.exe windows:4 windows x86 arch:x86

9805cabed3bff2a886256723f7be22b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
RemoveDirectoryA
SetLastError
VirtualAllocEx
GetFileAttributesA
CreateFileA
ExitProcess
GetStdHandle
GetEnvironmentVariableW
CloseHandle
HeapSize
OpenProcess
CreateMutexA
GetTickCount
ResetEvent
GetCommandLineW
FindClose
GetModuleHandleA
DeleteFileW
SetEvent
GetStartupInfoW

user32

DispatchMessageW
GetDC
MessageBoxA
FindWindowW
GetWindowLongA
PeekMessageA
GetClassInfoA
GetDC
GetSysColor
FillRect
DispatchMessageW
GetDC
CallWindowProcW

mfcsubs

??$HashKey@PBD@@YGIPBD@Z
??$HashKey@PBD@@YGIPBD@Z
??$HashKey@PBD@@YGIPBD@Z
??$HashKey@PBD@@YGIPBD@Z

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ