8ad6873e2b88682e7986e8ff408c64bf

Sharing

Copy URL Twitter E-mail

General

Target

8ad6873e2b88682e7986e8ff408c64bf
Size

246KB
MD5

8ad6873e2b88682e7986e8ff408c64bf
SHA1

9d37f86a1e3e9b9e26ae6112fcced1a27e11722a
SHA256

42aab870bef646884a0e9b88c0b1b9db52388d19aad865a2b9f275a49e77f900
SHA512

27ed5f42ea3380505c09d32348a1267a62da01dca0b7a77d3c83ac37cfb2c9d9e9f7f8a739a5e72d1b246b27e4ba18e52447681b6f60474abb81e9ff72e4aa0c
SSDEEP

6144:A+aDJ149IdeT986Qh+7MLw6utJD3qZvj3:A+Ug93q6QQF6YSvD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ad6873e2b88682e7986e8ff408c64bf

Files

8ad6873e2b88682e7986e8ff408c64bf
.exe windows:4 windows x86 arch:x86

b6ee90fac54b85850a3a51ce960c15bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ExitThread
GetOEMCP
GetProcessHeap
GetLocalTime
FreeResource
SizeofResource
lstrlenA
VirtualQuery
CreateEventA
GetFileSize
GlobalAddAtomA
GetCurrentThread
GetFileType
SetHandleCount
EnterCriticalSection
GetCurrentProcess
GetLastError
GetStringTypeW
VirtualAllocEx
GetACP
GlobalAlloc
GetCurrentProcessId
lstrcatA
ExitProcess
HeapAlloc
CreateFileA
SetFilePointer
GetModuleHandleA
SetEndOfFile
GlobalFindAtomA
GetSystemDefaultLangID
GetDiskFreeSpaceA
SetErrorMode
GetStringTypeA
GetEnvironmentStrings
GetStartupInfoA
lstrcpyA
SetEvent
WriteFile
CreateThread
lstrcmpiA
HeapFree
GlobalDeleteAtom
FormatMessageA
SetLastError
FreeLibrary
WaitForSingleObject
lstrcmpA
LocalReAlloc
CompareStringA
FindResourceA
FindFirstFileA
LocalFree
LoadLibraryA
CloseHandle
GetFullPathNameA
WideCharToMultiByte
GetTickCount
LoadLibraryExA
EnumCalendarInfoA
GetVersion
HeapDestroy
lstrcpynA
LocalAlloc
LoadResource

user32

CharLowerBuffA
CallWindowProcA
GetParent
DeferWindowPos
CharNextA
DefFrameProcA
GetClientRect
IsChild
DefMDIChildProcA
CheckMenuItem
EnumWindows
GetFocus
GetActiveWindow
GetClipboardData
DefWindowProcA
GetMenuStringA
GetDCEx
BeginDeferWindowPos
DispatchMessageW
GetKeyNameTextA
GetClassInfoA
CreateMenu
EnumThreadWindows
EnumChildWindows
GetMenuState
GetScrollInfo
EnableMenuItem
GetDC
DrawFrameControl
FindWindowA
SystemParametersInfoA
ClientToScreen
GetMenuItemInfoA
CreatePopupMenu
GetSubMenu
DispatchMessageA
GetSysColorBrush
GetCursor
SetWindowTextA
BeginPaint
SetWindowPos
EnableScrollBar
SetWindowLongA
IsWindowVisible
GetMenu
ShowScrollBar
GetCursorPos
SetTimer
DrawTextA
EnableWindow
EndDeferWindowPos
GetForegroundWindow
IsDialogMessageA
GetMenuItemID
DrawIcon
GetScrollRange
GetLastActivePopup
GetMenuItemCount
GetIconInfo
DrawMenuBar
IsWindowEnabled
FillRect
GetMessagePos

advapi32

GetLengthSid
GetUserNameA
RegOpenKeyA

msvcrt

log10
memmove

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6ee90fac54b85850a3a51ce960c15bf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 40KB - Virtual size: 39KB

.init Size: 3KB - Virtual size: 3KB

.idata Size: 202KB - Virtual size: 201KB

.text
Size: 40KB - Virtual size: 39KB

.init
Size: 3KB - Virtual size: 3KB

.idata
Size: 202KB - Virtual size: 201KB