8da756b9f76e1466e5efd30fea211e6a

Sharing

Copy URL Twitter E-mail

General

Target

8da756b9f76e1466e5efd30fea211e6a
Size

179KB
MD5

8da756b9f76e1466e5efd30fea211e6a
SHA1

35ba839acc4c1da2889db5e8c394f406185c8fc3
SHA256

4c463be418eff2f55fdf2f87e1db5ad6b9e62e308a6e886523ae4f8487234ab0
SHA512

14a716a2680dbba7db7c7ce748b7523cb82aeed697dcfdc05bbfb301e2ab437c86fcad1f8da5f3ed3b584d0563e0d266c546e449691b7d65fbee9080ab7528db
SSDEEP

3072:K6fmw9P8a59w1jLBxurEfhx8IrL2up5IIs3oE9t5gnG6dTsgwJ5NHfm+Ufp:ZN8a4P4rEfhR2M5ooEf5gnG6OtLfmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8da756b9f76e1466e5efd30fea211e6a

Files

8da756b9f76e1466e5efd30fea211e6a
.exe windows:5 windows x86 arch:x86

106dee1ec784725c3ee025e8bfb0e711

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserWorkItem
WriteConsoleOutputCharacterA
GetConsoleAliasesA
SetVDMCurrentDirectories
GetLogicalDriveStringsA
GetCommandLineA
FindNextFileA
GetVolumePathNamesForVolumeNameA
VirtualAlloc
GetThreadContext
DuplicateHandle
GetDiskFreeSpaceExA
BeginUpdateResourceA
OpenMutexA
SetMailslotInfo
GetConsoleInputWaitHandle
SetHandleContext
GetTempPathA
ReadConsoleOutputCharacterA
SetEvent
OutputDebugStringA
SetProcessPriorityBoost
AddConsoleAliasA
OpenProcess
SetProcessShutdownParameters
ReadConsoleOutputA
IsBadStringPtrA
SetConsoleHardwareState
DeleteFileA
WriteConsoleOutputCharacterW
GetConsoleOutputCP
FlushConsoleInputBuffer
RaiseException
GlobalSize
GlobalDeleteAtom
WaitForMultipleObjects
ReadConsoleA
ReadFileEx
GetModuleFileNameA
GetCurrentConsoleFont
GetProcessIoCounters
SetEnvironmentVariableA
GetDllDirectoryA

psapi

GetModuleFileNameExA

ntdll

RtlGetLastWin32Error

user32

SetMenuItemBitmaps
DefMDIChildProcA
TranslateMessageEx
GetKBCodePage
DrawEdge
GetCursorFrameInfo
GetCursorFrameInfo
GetDlgItemTextA
LoadBitmapA
CloseWindowStation
CreateDialogIndirectParamA
HiliteMenuItem
GetWindowRect
SendIMEMessageExA
DeferWindowPos
RegisterClassExW
EnumDesktopsA
EndPaint
CharToOemBuffA
LoadCursorFromFileA
UpdateLayeredWindow
IsDialogMessageA
InflateRect
GetKeyboardType
GetWindowTextA
GetClipboardData
IsDialogMessageA
DlgDirListComboBoxA
AppendMenuA
OpenWindowStationA
GetDCEx
GetScrollInfo
CallWindowProcA
GetMenuItemID
IsMenu
LoadImageA
LoadMenuIndirectA
UnhookWindowsHook
GrayStringA
PrivateExtractIconExA

Exports

Exports

Nhbyrksotm
ClosePhtmlsfvtfk
Onralnr
Eupxnnoe
OpenFxkmftuu
Kbcqxpqghf
SetQiyfjtertg
Ynoiiqk
Wgbdnxba
Gcoaibglh
IsCjcflti
GetUrxbmup
CreateFrrhygaxwli
Tvqudttg
ClosePgfaqje
AddPxyiosjq
Dwvbqbgafe
BeginFumyxdy
ReadSbaiwwol
OpenOerabvptvu

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

106dee1ec784725c3ee025e8bfb0e711

Headers

File Characteristics

Imports

kernel32

psapi

ntdll

user32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 90KB

.idata Size: 3KB - Virtual size: 129KB

.rsrc Size: 87KB - Virtual size: 87KB

.text
Size: 90KB - Virtual size: 90KB

.idata
Size: 3KB - Virtual size: 129KB

.rsrc
Size: 87KB - Virtual size: 87KB