8b8a0492319edda6b9d859a4a3aa72ca

Sharing

Copy URL Twitter E-mail

General

Target

8b8a0492319edda6b9d859a4a3aa72ca
Size

215KB
MD5

8b8a0492319edda6b9d859a4a3aa72ca
SHA1

8c0e814e7d48f7eb7605c5fc87ea5c6614972f9f
SHA256

e4c9b415333d26f5ff43adddd56737ae7f7652f187697f18bc582d04c6b9459e
SHA512

3b2b390ff2bedc82c4a56b7c398f23978fe61d2a976d7ccc9566029d91c986824152e1eba8193a759469c898ece103b4a1b148862aa716516de740044cec5270
SSDEEP

3072:uGIVJENbmeFrmVdRGTWLzuhvhOo/xm2C8GmoYJXYUyt3lEk+/3PPDWTuMPf1dsk:uGIu1qUe6HEzQSz1f+6KMH13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b8a0492319edda6b9d859a4a3aa72ca

Files

8b8a0492319edda6b9d859a4a3aa72ca
.exe windows:5 windows x86 arch:x86

74fb29f592f7ecad29bd53bf94413079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\lnCHFvp\xjchi\qxtP\VeuB.pdb

Imports

user32

EndPaint
EnableWindow
DrawTextW
CharUpperW
SetActiveWindow
CopyRect
InSendMessage
GetWindowDC
IsZoomed
SetRectEmpty
SetCursor
GetAsyncKeyState
FindWindowW
GetKeyboardLayout
CharUpperA
SetRect
GetParent
BringWindowToTop
RegisterClassW
GetKeyNameTextW
SendDlgItemMessageW
AppendMenuW
GetShellWindow
GetCaretPos
CharLowerA
BeginDeferWindowPos
TileWindows
CreateIconFromResource
AllowSetForegroundWindow

kernel32

ResetEvent
DefineDosDeviceW
LoadLibraryExW
GetVersionExA
GlobalLock
FindFirstChangeNotificationW
FindNextChangeNotification
MoveFileA
SetHandleInformation
TlsGetValue
AreFileApisANSI
SetFileApisToOEM
CompareStringW
HeapCreate

gdi32

StartPage
LineTo
CreateCompatibleBitmap
MoveToEx
EnumFontFamiliesExW
CreateFontW
CreateDIBSection
PtInRegion
ResizePalette
CreateSolidBrush
GetDIBits
GetWindowOrgEx
GetROP2

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_Write
ImageList_GetIcon

Exports

Exports

?XPD_O_WPB@@YGEHK@Z
?MTLACQCBCWapq@@YGPAGD@Z
?LFMUI_B_ITZUq_pxp_A_ZW@@YGJJ@Z
?qg__yf_iwrN__ER@@YGI_NPAH@Z
?HV_O_ldkk_ZMCBVBYI@@YGPADPAIH@Z
?RtqsdvnydvxjQS_HSm_en@@YGEPAJ@Z
?dL_CXGDCMI_P_coqsnY_A@@YGEK@Z
?eOKR_OOEKQP_M_F_Gt@@YGPANDPAI@Z
?_mm_azy@@YGNK@Z
?_JZKT_rj__@@YGMPAMPAJ@Z
?E_VNIKFP_Q_PbBVtxlqe@@YGHG@Z

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 44KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74fb29f592f7ecad29bd53bf94413079

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 33KB - Virtual size: 32KB

.mdata Size: 44KB - Virtual size: 203KB

.data Size: 34KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 33KB - Virtual size: 32KB

.mdata
Size: 44KB - Virtual size: 203KB

.data
Size: 34KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB