ec8f9072fd12e92687de262b4fa2fc38[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec8f9072fd12e92687de262b4fa2fc38.exe
Size

138KB
MD5

ec8f9072fd12e92687de262b4fa2fc38
SHA1

e710e95aba7233e51c2a4f3b5e01ad4e0099fb7b
SHA256

75fce5a86a9d3032e166ea9d5da61fdb47313186c44d8a4fdef1ed4705940bc6
SHA512

187afb54bc087b73bba3634c07127968518a67aa18705588e7cb2850cb0e20f095ea946a0eced7187c1a80aa20194043735d198c479e352dd70b4ac6d22c9134
SSDEEP

3072:WD9YyCvd55GbOksbqgsCywBtzMNFQrEqMfdAkgMxNPk30ifId7z:WJYycd5aGnywBdMvjVB/xNPC0iW7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec8f9072fd12e92687de262b4fa2fc38.exe

Files

ec8f9072fd12e92687de262b4fa2fc38.exe
.exe windows:4 windows x86 arch:x86

08045aeb187eed824c7f493b1d098bed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

oleacc

LresultFromObject

ole32

StgOpenStorage
CoUninitialize
CoCreateInstance
CoFileTimeNow
CoInitialize

kernel32

DeleteFileW
GlobalReAlloc
IsDBCSLeadByte
DisableThreadLibraryCalls
SearchPathW
GlobalFree
SetCurrentDirectoryW
GetShortPathNameW
SetErrorMode
FindResourceW
SetEnvironmentVariableW
GlobalDeleteAtom
GetCurrentDirectoryW
UnlockFile
LockFile
WriteFile
GetVolumeInformationW
EnumResourceNamesW
SetFileTime
FindFirstFileW
FindNextFileW
IsDBCSLeadByteEx
SetFileAttributesW
GetDriveTypeW
GetFileSize
ReadFile
GetACP
ExitProcess
SetFilePointer
GetFileTime
CloseHandle
GlobalSize
LoadResource
MoveFileW
FindClose
GetLocalTime
GlobalUnlock

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ