8b0bc1410b2e68ab481ea93b24da2a84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b0bc1410b2e68ab481ea93b24da2a84
Size

238KB
MD5

8b0bc1410b2e68ab481ea93b24da2a84
SHA1

33db3b98873877d210b53362143f7f670bef4ab1
SHA256

c049957da733bd79d49d9cd8e9b0e36cf1def69068fcd2c52b86814548214070
SHA512

a2e1eaff116adc84d52ac2f9a0a4f8eac40299e744a530e5d84efa1d3dd4aaec0d0cfa5f1c2523692f346602c61ea18cd57e751c75cb9fa26328b5c93b691af6
SSDEEP

6144:Ptgat6Qo9aTZzzC9ACDQ3rW0ewrahuOkOaB4YXdR3W:PtrYQuqzWGAuvawGalX73W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b0bc1410b2e68ab481ea93b24da2a84

Files

8b0bc1410b2e68ab481ea93b24da2a84
.exe windows:4 windows x86 arch:x86

498f1c3b1cfdd1f6431d4d43ce7429d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
PeekMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile
Sleep

advapi32

RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

Sections

.text
Size: 20KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE