8a6a4cae7b54670e76e92629129c02e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a6a4cae7b54670e76e92629129c02e5
Size

48KB
MD5

8a6a4cae7b54670e76e92629129c02e5
SHA1

b588b2ce9512e85da8f86e04f25f12a390bc5218
SHA256

d7433c2db37d031d8668fbe88bde18f53ecdde993c7728cded8ae6814b50478d
SHA512

6e5d62ec10c4b5ffb4147da8361d987fdcf86a32dd7355b0c1f95ce78b058d971ded70928d4cf21e2ad71e62f36422d7e99cf2e14f6f5406b876b854322e64f8
SSDEEP

1536:Rg5gULHB7HvF7bqCwF4BBrUojExD3LnOYll:C5vF7bjBBBrJEBrH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a6a4cae7b54670e76e92629129c02e5

Files

8a6a4cae7b54670e76e92629129c02e5
.exe windows:5 windows x86 arch:x86

2e80559fae29ee7e426414e86149cde9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW

shlwapi

PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfA

user32

CharLowerBuffA
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowLongA
LoadCursorA
MsgWaitForMultipleObjects
OpenDesktopA
PeekMessageA
ToUnicode

Sections

.mtotsp
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spavaz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgxsx
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ