8afa6577e634e4bb2b6f5eaec1eae60f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8afa6577e634e4bb2b6f5eaec1eae60f
Size

263KB
MD5

8afa6577e634e4bb2b6f5eaec1eae60f
SHA1

521a8282820a406123372d0cd76853e6e9dc6649
SHA256

e930051c0e6e478c8a6e80822d950782959e8be6c8ae6438550e44a742f3f2ef
SHA512

0a7afcef7e31973958a135a2fb8f29fb8e0c88a0f380a6a26c305b279c0615470702ac98e9dc4758b31b377c829ddcc7edf732850c5e6afbf9c82568de00a523
SSDEEP

6144:XJza5SWJBvUekpL20/+EKW1WvjqnMyItx3CGkVkEQjU+f01:5zaQWvsef0/rKW16jJjtxZFEQjUI01

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8afa6577e634e4bb2b6f5eaec1eae60f

Files

8afa6577e634e4bb2b6f5eaec1eae60f
.exe windows:4 windows x86 arch:x86

d3e709fac21f4699c5f1e5eb1e09bb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
FindFirstFileW
CopyFileW
EnumDateFormatsA
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedExchange

oleaut32

VARIANT_UserFree
SafeArrayCreateEx
VarDateFromI8
SafeArrayGetRecordInfo
SafeArraySetIID
SetErrorInfo
SysAllocString
SysAllocStringLen

msvfw32

ICInfo

Sections

.text
Size: 165KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ