8a8918d70a2e201aa6c111eca4109fb8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a8918d70a2e201aa6c111eca4109fb8
Size

803KB
MD5

8a8918d70a2e201aa6c111eca4109fb8
SHA1

5401de091585c380681a92b09b7d61aef0d10cdb
SHA256

d175c4a929d54b25e30d630351710bd7eaade2b67d433b322b897ed9fccee5e1
SHA512

e884e4756a926143221044fa81d6f6d93ed6b7fa9cc5567aea5ae1ad1d4dce426672f7dc01586349ffebd3b8d87ef2f863900653e61e9efd854a5dd92b93e09e
SSDEEP

24576:B1702Lkrx5fa7IUcLMAoK0sY6MMFc+R/IB8n:n70okrbS7vcoAoVsMMyI/MY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a8918d70a2e201aa6c111eca4109fb8

Files

8a8918d70a2e201aa6c111eca4109fb8
.exe windows:5 windows x86 arch:x86

b056a56e2da51f2294117a93537fa9b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetCurrentThreadId
GetFileAttributesA
PulseEvent
SetFileTime
GetConsoleMode
GetModuleFileNameA
LeaveCriticalSection
GlobalFlags
GetDriveTypeW
GetProcessVersion
CreateFileW
VirtualProtectEx
OpenMutexA
GetTickCount
InterlockedExchange
GetModuleHandleA
HeapDestroy
FindAtomW
CreateDirectoryA
SetFilePointer
CreateFileW
GetVolumePathNameA
OpenEventA
DeleteFileW

user32

IsMenu
GetWindowTextA
GetWindowLongA
MessageBoxA
GetWindowLongA
DestroyMenu
wsprintfA
PeekMessageA
SetRect
SetFocus
LoadCursorA
DestroyIcon
DispatchMessageA

dot3msm

Dot3MsmDisconnect
DllMain
Dot3MsmFreeProfile
Dot3MsmDeInit

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE