8b2fccdd93fabccb4961900c7afb02f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b2fccdd93fabccb4961900c7afb02f6
Size

84KB
MD5

8b2fccdd93fabccb4961900c7afb02f6
SHA1

a46bee79e10c82ee47ee382d11bafa0e8764f5eb
SHA256

220d6a9a6abb10687a26da3a540edddc15aef17e115c3d17c4ddc6ae12247496
SHA512

ee0c336321a88cab02b3871d3945d01ba9e941d0269e1cb689b52063db57376e286fc8e21f1682c49e9d75e0bf50dab80c87058e28a99a7938009f08554a350a
SSDEEP

1536:a88WThONrR687dPC+W2VhlytQMlP+umeKUbNC8aPA:VThO5xPJWzlP+um+gA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2fccdd93fabccb4961900c7afb02f6

Files

8b2fccdd93fabccb4961900c7afb02f6
.dll windows:4 windows x86 arch:x86

43353f4a0bc4a4445d57e63d7c0e3205

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
WantArrows
ChooseColorA

user32

GetSystemMetrics
SetWindowPlacement
EnableWindow

kernel32

GetStartupInfoA
GetOEMCP
lstrcpyA
ResetEvent
OutputDebugStringA
LocalShrink
HeapCreate
HeapAlloc
GlobalUnWire
ClearCommBreak
CloseHandle
CompareFileTime
CreateFileW
DebugBreak
DeleteFileW
EnumLanguageGroupLocalesW
ExitProcess
FindFirstVolumeMountPointA
GetACP
GetCommandLineA
GetCurrencyFormatA
GetDefaultCommConfigW
GetModuleHandleA
GetVersionExA

ole32

CLSIDFromString
CoBuildVersion
CoCreateGuid
CoCreateInstance
CoFileTimeNow
CoGetMalloc
CoTaskMemAlloc
CoTaskMemFree
CreateAntiMoniker
StringFromGUID2

dbghelp

StackWalk

comctl32

FlatSB_GetScrollRange

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ