8b184baaac1a22825e0a4dd8366125c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b184baaac1a22825e0a4dd8366125c4
Size

16KB
MD5

8b184baaac1a22825e0a4dd8366125c4
SHA1

5cc6fb58f188aac5ac6109a78fe7048ea5ae5810
SHA256

cbc017ed49c1774fa0d86fb058886f1cb4dfef81ec7d7e6e67e7017c7678ee02
SHA512

87e2696f571f378c09cf86d5e044c7d341fe15609df4162c2b1c33b027339d0de4163d8be1f6f218593fda4ea2698fcd5b9e68f300dc54ee356d93ea70821c09
SSDEEP

192:6FIzboxP/P9rx77LrvjJGtK8XYnW/uNnDsjk6Y1tu:D0x9FbzjQ7gW/udDOk6Y1tu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b184baaac1a22825e0a4dd8366125c4

Files

8b184baaac1a22825e0a4dd8366125c4
.exe windows:4 windows x86 arch:x86

d6d926d3556e342e6e219762b5959af9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetCommandLineA
GetACP
GetAtomNameA
GetUserDefaultLangID
WaitForSingleObject
InterlockedExchange
ResumeThread
GlobalSize
VirtualProtect
GetConsoleCP
GetVersion
HeapCreate
GetSystemTime
lstrlenA
GetConsoleDisplayMode
LocalLock
GetModuleHandleA
LoadLibraryExA
WaitForSingleObject
SetLastError

user32

GetFocus
FrameRect
ReleaseDC
SetForegroundWindow
wsprintfA
BeginPaint
ShowWindow
GetCursorPos
EndPaint
GetDC
AnyPopup
GetClassNameA
GetTitleBarInfo
DrawTextA
FillRect
GetParent
GetWindow
CreateIcon
DragDetect

ntshrui

DllGetClassObject
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
DllCanUnloadNow

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ