8d8931a24fd0aeaf58f245fb8b1ae527

Sharing

Copy URL Twitter E-mail

General

Target

8d8931a24fd0aeaf58f245fb8b1ae527
Size

56KB
MD5

8d8931a24fd0aeaf58f245fb8b1ae527
SHA1

ee814e83b2b73745ba448ed4bfa7b8547ae39f03
SHA256

5a08aa42400e72b1ebb0896774adea850d634354b5f64683750382687446421d
SHA512

80a7e6e4ab6bced37597a4a5c1f2a9c7fa04b4ba05ed0ee8ce5ca17edcfdb46c40904aa2e780037e1569935b240a0e228f0efb3ab2b9ba6a5465087db446f80d
SSDEEP

768:K7mutt8/0FnCkRMl7J60+WgtaEn7LNd69k025QnEFnRTLjey3PcDv8pItOKBckEJ:et8KCkCl7TTgbnNd69M5ykwu0jg+cVJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d8931a24fd0aeaf58f245fb8b1ae527

Files

8d8931a24fd0aeaf58f245fb8b1ae527
.exe windows:4 windows x86 arch:x86

69259d52cd394b410edc3f981cb142d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\stresstest2.0\Src\reboot_win\Release\Reboot.pdb

Imports

kernel32

RtlUnwind
HeapSize
GetCPInfo
GetOEMCP
GetACP
SetEndOfFile
GetStringTypeA
CreateFileA
FlushFileBuffers
SetStdHandle
HeapReAlloc
GetLocaleInfoA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetModuleFileNameA
DeleteFileA
SetConsoleCtrlHandler
Sleep
GetCurrentProcess
GetLastError
GetStringTypeW
GetTickCount
VirtualQuery
GetSystemInfo
ExitProcess
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
WideCharToMultiByte
GetTimeZoneInformation
HeapFree
CloseHandle
ReadFile
SetFilePointer
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LoadLibraryA
HeapAlloc
MultiByteToWideChar
VirtualProtect
VirtualAlloc
SetEnvironmentVariableA

user32

GetMessageA
DispatchMessageA
TranslateMessage
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
SetForegroundWindow
ExitWindowsEx
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
DestroyWindow
GetWindowRect
DrawTextA
UpdateWindow

gdi32

CreateFontIndirectA
SetTextColor
SetBkColor
SelectObject
GetStockObject

advapi32

RegDeleteValueA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69259d52cd394b410edc3f981cb142d8

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 9KB