8b4a82d0309b6743537762787c243af0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b4a82d0309b6743537762787c243af0
Size

23KB
MD5

8b4a82d0309b6743537762787c243af0
SHA1

2b0221211e3b4582adc2cc1bce6adad1e70132a0
SHA256

f01a051c46616861e8a0c5a94625e80a3c141c969ec74cc5b28c462d3fe1ab89
SHA512

7ef9808c6455abfde773fad6d343c410c72ce51a55006eb8811dd6a29224f551bb84a46c2658bc2b169e8d8d9604f171778af94270123f89707f8c7b33a036c0
SSDEEP

384:gpuRmw3f1XsnQcpUObYj2dts9LmWfEO22DmxnyAnROrivG0x:ZmKcQ2BMjouyWfEOvDmtyAcr2x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b4a82d0309b6743537762787c243af0

Files

8b4a82d0309b6743537762787c243af0
.exe windows:4 windows x86 arch:x86

281e8a0f2402171fc531c64016d90feb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
GetConsoleCP
VirtualProtect

shell32

ShellHookProc
StrRChrIW
SHGetInstanceExplorer

Sections

.text
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ