8d64cdbbb5261eeeaaa9c31e57a64fb5

General

Target

8d64cdbbb5261eeeaaa9c31e57a64fb5
Size

196KB
MD5

8d64cdbbb5261eeeaaa9c31e57a64fb5
SHA1

04e26aeac3481fcb69ebae6ab4aa8c3481a698e7
SHA256

77ea7fb6802e06c547e729516b4186d93a2ec806316954e75995c59250391b0b
SHA512

f18a08a7bdc146120a033069605becdc648110c74db92d24092b4cea21e7c0f1dddc33692f898ab2ca47e70f998b9afc9679a147ea2014bcd977e1c4f65fd309
SSDEEP

3072:/oJNlp8IKAXTk84PTDoPnD5O7BdVA2FHOBNnbrigA:gJNX0uk8SXEtOphHObnHDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d64cdbbb5261eeeaaa9c31e57a64fb5

Files

8d64cdbbb5261eeeaaa9c31e57a64fb5
.exe windows:4 windows x86 arch:x86

a22e9948a852e96674839fec52d17724

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetPrivateProfileIntA
lstrcpyA
TransactNamedPipe
FindFirstFileW
PrepareTape
OpenFileMappingA
OpenMutexW
GetPrivateProfileSectionNamesA
lstrcmpA
EnumResourceLanguagesW
Heap32Next
LockFileEx
SetDefaultCommConfigA
GlobalAddAtomA
WaitForSingleObject
GetProfileIntA
VirtualAlloc
GetThreadPriorityBoost
GetEnvironmentStrings
WaitNamedPipeW
LoadLibraryExA
DeleteFileW
GetPrivateProfileIntW
IsDebuggerPresent
UpdateResourceW
DebugActiveProcess
IsBadStringPtrW
UnhandledExceptionFilter
CreatePipe
GetPrivateProfileStringW
InterlockedExchange
Thread32Next
SetVolumeLabelA
GetNumaHighestNodeNumber
CreateSemaphoreW
Sleep
IsBadWritePtr
SetLocaleInfoW
OpenEventA
CopyFileExW
EnumSystemLocalesW
FindNextFileW
SetSystemPowerState
lstrcatA
GetFileSize
FindFirstFileExA
GetWindowsDirectoryW
BuildCommDCBW
CopyFileW
GetLocaleInfoA
GetTapePosition
SetThreadPriorityBoost
HeapSetInformation
GetTempFileNameA
SetupComm
WritePrivateProfileStringW
GetSystemDirectoryW
EnumCalendarInfoExA
WriteFileGather
GetLongPathNameA
GetStartupInfoW
CreateThread
GenerateConsoleCtrlEvent
GetExitCodeThread
ResetEvent
HeapCreate
FoldStringA
CreateFiber
ReadDirectoryChangesW
SetNamedPipeHandleState
FlushConsoleInputBuffer
CreateDirectoryExA
RaiseException

Exports

Exports

IqAf
IqCh
IqCx
IqCyi
IqDi
IqKavok
IqMwwd
IqMz
IqNocu
IqOb
IqOgyo
IqPc
IqQd
IqQew
IqQiap
IqSkcr
IqTcii
IqUb
IqUuec
IqWwgd

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a22e9948a852e96674839fec52d17724

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 43KB - Virtual size: 43KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 43KB - Virtual size: 43KB