8b451815058dd0d4bddea99f3f59077e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b451815058dd0d4bddea99f3f59077e
Size

260KB
MD5

8b451815058dd0d4bddea99f3f59077e
SHA1

e3fe1426635184458b75d4b9466ac2d59aa20f4f
SHA256

d00362fadf164575b5cfb30daf83cf766a1fcc5a6903bde5ebacff8bfcc43f6e
SHA512

d1a74367cdbf4967456c58245e7bb1154ebec0dd3e94bdbefb42f41d10f84f3c7b366fbc44ccb57a67e7268edc9aa465500052f78eb28d775323cfe71cdee751
SSDEEP

3072:QDdp+C5ZaRA70l1EGv+GP1yBX88lhK92WalItaPMUAwu+gm0nS0O2:Kd8C5Ny1Es1iLliaCkMUy/mm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b451815058dd0d4bddea99f3f59077e

Files

8b451815058dd0d4bddea99f3f59077e
.exe windows:4 windows x86 arch:x86

3c9d34e6b2bb38b991805975f7cc818b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls

user32

CharNextA
GetInputState
GetDesktopWindow
GetMessagePos

gdi32

ExcludeClipRect
GetTextMetricsA
SetBkMode
GetPixel
RestoreDC
LineTo
GetStockObject
OffsetViewportOrgEx
SetViewportOrgEx
SetTextColor
GetDeviceCaps
SelectPalette
UnrealizeObject
MoveToEx
SetColorSpace

kernel32

GetCurrentProcessId
GetCurrentProcess
GetUserDefaultLangID
lstrcmpiW
GetModuleHandleW
VirtualAlloc
GetThreadLocale
lstrlenA
GetCurrentThread
GetTickCount
GetCurrentThreadId
GetCommandLineW
GlobalFindAtomA
DeleteFileW
DeleteFileA
lstrcmpiA
GetConsoleOutputCP
IsDebuggerPresent
GetModuleHandleA
lstrlenW
GetACP
CopyFileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ