Static task: static1
Behavioral task: behavioral1
Sample: 8b3f9452cab5ab8399f6263ed0816390.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 8b3f9452cab5ab8399f6263ed0816390.exe
Resource: win10v2004-20231222-en
General
Target: 8b3f9452cab5ab8399f6263ed0816390
Size: 178KB
MD5: 8b3f9452cab5ab8399f6263ed0816390
SHA1: 2dbde24a25bd2da7f81c77309e40c047a6dfaab3
SHA256: 4a7ca8569afb299fba570796db6c9f247f97b60b475e6ea516598670858c383c
SHA512: 99934e6f0dbf0f62a17025169f130a49be29c5315e0dd16eb2ce124f007a319e21ab5b232c94362eef50be8a219ef10a1544de951f30671bee1276a480c31ede
SSDEEP: 3072:jSAbROg+BpKqKQBO1WS64xpGQsBuf5TFxSSy9qo4H:mBN7c964xpnf5pxSWo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8b3f9452cab5ab8399f6263ed0816390
Files
8b3f9452cab5ab8399f6263ed0816390.exe windows:4 windows x86 arch:x86
7a4835745a311643369d804803fbe13c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
kernel32
GetCalendarInfoW
HeapFree
GetSystemTime
HeapDestroy
LeaveCriticalSection
CreateFileW
SizeofResource
LockResource
lstrcpynW
LoadLibraryExW
LoadResource
EnumResourceNamesA
LoadLibraryW
SystemTimeToFileTime
GetVersionExA
GetProcessHeap
FindFirstFileW
GetStdHandle
FindResourceA
HeapAlloc
GetModuleHandleA
WriteFile
CloseHandle
FindResourceExA
TerminateProcess
ole32
CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ