08f1f4e40036151c3dd53a94ed3bc5e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08f1f4e40036151c3dd53a94ed3bc5e2
Size

171KB
MD5

08f1f4e40036151c3dd53a94ed3bc5e2
SHA1

1deb86f3bfccfd66c932242e24ebf26464f8720e
SHA256

b03f570b066b9d15c5a2eeca7cc83c4987ba079ee6ff64eb7f37bf16963af017
SHA512

076794fe3d5fcb15d09746cad214b0cf6f4e1c9879d39b20642412ff505795373c7df0791a3ab603bf11f4d20e701bfed01e59b44a157d74cc00c51c1085d878
SSDEEP

3072:cpGTuywDtlvH/7Kumd/R28sjuYQbBp0UZ3o8ueWba6swS2yVPYEz10BEHbGFjT:cpGSywphH/+J28SuTb73tuNbalwSZPY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f1f4e40036151c3dd53a94ed3bc5e2

Files

08f1f4e40036151c3dd53a94ed3bc5e2
.exe windows:4 windows x86 arch:x86

b10d2305330f1b69d73af91ed91bc8f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW

kernel32

TlsGetValue
WriteConsoleW
TlsFree
AddAtomW
LoadLibraryExW
GetVersionExA
GetProcessHeap
HeapAlloc
SetLastError
TlsAlloc
ExitProcess
GetLastError
GetConsoleMode
CreateFileA
GetModuleHandleA
CreateFileMappingA
GetVersionExW
GetProcAddress
FlushFileBuffers
EnumResourceNamesA
GetEnvironmentVariableW
GetModuleHandleW
InterlockedIncrement
GetTempPathW
GetConsoleCP
VerLanguageNameA
HeapFree
TlsSetValue
MapViewOfFile
UnmapViewOfFile
InterlockedDecrement
CreateFileW
Sleep

msimg32

AlphaBlend
TransparentBlt

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

winmm

mciSendCommandW
sndPlaySoundW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ