8b5a9d819b14792d9e42a5e07d8ba30a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b5a9d819b14792d9e42a5e07d8ba30a
Size

171KB
MD5

8b5a9d819b14792d9e42a5e07d8ba30a
SHA1

5b624a2b9568efe8402a9684b9dd928415f4dbdc
SHA256

733177c47e9dca4ecbd81c570be6db75aa65ec45111568f7897850c8f92a7234
SHA512

9a6dca6fd87bd71b611d79bbd75055abc238048a07098163a499a6b54640b23ffc45c0e2360f14f53b00e6229d5eb38e78bfd3aa2a6e2eabf95bfef940a475cf
SSDEEP

3072:ryLGfZ/lxq+KR29M+gx/IwOgq3lp4UieQh7WtU7V6IPmflcP7CR04CN:rtfZzIBPOB3DieQh6UbPmtuqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b5a9d819b14792d9e42a5e07d8ba30a

Files

8b5a9d819b14792d9e42a5e07d8ba30a
.exe windows:4 windows x86 arch:x86

30b62ab1b0b8acebb8d4876d09cea5af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

TlsAlloc
GetDiskFreeSpaceA
GlobalMemoryStatus
TlsGetValue
AddAtomW
QueryPerformanceCounter
SetHandleCount
RaiseException
GetCurrentThread
SetLastError
SetUnhandledExceptionFilter
GetCommandLineA
GetModuleHandleW
GetModuleFileNameA
HeapFree
GetSystemTimeAsFileTime
GetStdHandle
GetTickCount
DeviceIoControl
EnumResourceNamesA
TlsSetValue
RtlUnwind
GetCurrentProcess
GetVersionExA
OutputDebugStringW
TlsFree
HeapAlloc
TerminateProcess
GetFileType
GetProcessHeap
GetLocalTime
GetCurrentProcessId
GetStartupInfoA
CloseHandle
GetVersion
GetComputerNameA
InterlockedExchange

msvcrt

__p__commode
__set_app_type
_ismbblead
_vsnwprintf
_cexit
_vsnprintf
__setusermatherr
?terminate@@YAXXZ
_exit
exit
_amsg_exit
_XcptFilter
__getmainargs
memset
_acmdln
__p__fmode
_initterm
_controlfp

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ