8b4df75183716ca5c1ae74587efd4e7a

Sharing

Copy URL Twitter E-mail

General

Target

8b4df75183716ca5c1ae74587efd4e7a
Size

858KB
MD5

8b4df75183716ca5c1ae74587efd4e7a
SHA1

83dd3bf09c5a62d49c289e65f9b87228313ae655
SHA256

7b9a4d3824564f5a2bea63693aab2a02ef363a9eaeee4a3b4a76e8fca536c2fc
SHA512

fab1da0dfac0f9d4c209d86f0577c9dfe42c65cd02016593af4395128d44b7b947a8c0af887adf7573951fdf5b1c3b2b03d52fa80285e1ff6cb36fc99fc96ab4
SSDEEP

24576:mEUVWqkWBQsO/Cl8DXP6YtVjWrx6BYunEt1mLg0fP:mVfkt/CMP6msOtSM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b4df75183716ca5c1ae74587efd4e7a

Files

8b4df75183716ca5c1ae74587efd4e7a
.exe windows:4 windows x86 arch:x86

6e8999c960c733d46d2d2bcbf37aec2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
SetProcessWorkingSetSize
GetCompressedFileSizeA
WritePrivateProfileStructA
GetProcessAffinityMask
GlobalUnlock
GetProfileSectionA
GetNumberOfConsoleMouseButtons
SetEnvironmentVariableA
GetProcessHeaps
IsBadReadPtr
CreateEventA
CloseHandle
SetMessageWaitingIndicator
GetPriorityClass
ExpandEnvironmentStringsA
SetDefaultCommConfigA
DeleteAtom
GetCommModemStatus
GetTickCount
BeginUpdateResourceA
FileTimeToDosDateTime
CreateFiber
SetHandleInformation
EnumCalendarInfoA
CreatePipe
WriteTapemark
SetConsoleCP
SetHandleContext
GetCurrentThreadId
CreateToolhelp32Snapshot
IsDebuggerPresent
WaitNamedPipeA
GetCurrentProcessId
TlsFree
FreeLibraryAndExitThread
WriteFileEx
FindFirstFileA
lstrcpyn
CreateConsoleScreenBuffer
GetFileTime
GlobalWire
FileTimeToLocalFileTime
WaitForSingleObjectEx
IsProcessorFeaturePresent
FindNextFileA
GetConsoleOutputCP
GetTapePosition
SetCommState
GlobalFlags
lstrcmpA
VerLanguageNameA
SetFileApisToOEM
FileTimeToSystemTime

shlwapi

StrPBrkA
UrlCombineA
UrlCreateFromPathA
PathIsRelativeA
SHRegEnumUSValueA
PathSearchAndQualifyA
SHRegQueryInfoUSKeyA
PathFindOnPathA
UrlHashA
UrlApplySchemeA
SHEnumKeyExA
PathGetArgsA
SHQueryInfoKeyA
StrToIntExA
StrCSpnA
PathAppendA
PathFindFileNameA
SHRegDeleteEmptyUSKeyA
UrlGetLocationA
AssocQueryStringA
SHSkipJunction
DllGetVersion
PathStripToRootA
PathIsFileSpecA
PathIsDirectoryA
PathGetDriveNumberA
PathSkipRootA
SHRegCloseUSKey
SHRegDuplicateHKey
PathMatchSpecA
SHCreateShellPalette
HashData
PathIsUNCA
PathQuoteSpacesA
SHRegGetUSValueA
PathMakePrettyA

Sections

.xirkr
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkfan
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmz
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ryded
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nqvkr
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vsnob
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bgjkb
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ehopkx
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.veh
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e8999c960c733d46d2d2bcbf37aec2c

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.xirkr Size: 635KB - Virtual size: 1.3MB

.nkfan Size: 5KB - Virtual size: 5KB

.rmz Size: 19KB - Virtual size: 27KB

.ryded Size: 512B - Virtual size: 20KB

.nqvkr Size: 6KB - Virtual size: 15KB

.vsnob Size: 512B - Virtual size: 56B

.bgjkb Size: 512B - Virtual size: 24B

.ehopkx Size: 48KB - Virtual size: 76KB

.veh Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.xirkr
Size: 635KB - Virtual size: 1.3MB

.nkfan
Size: 5KB - Virtual size: 5KB

.rmz
Size: 19KB - Virtual size: 27KB

.ryded
Size: 512B - Virtual size: 20KB

.nqvkr
Size: 6KB - Virtual size: 15KB

.vsnob
Size: 512B - Virtual size: 56B

.bgjkb
Size: 512B - Virtual size: 24B

.ehopkx
Size: 48KB - Virtual size: 76KB

.veh
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB