8b920a80291063ba3a825a7da35e7912

General

Target

8b920a80291063ba3a825a7da35e7912
Size

169KB
MD5

8b920a80291063ba3a825a7da35e7912
SHA1

948420233953ba706282696732e82d31949ced4e
SHA256

90f61cd6299a1e2ed0c83462b857a6111e52180a61fd74d7af6fc28d3139f7c0
SHA512

d65463bfd24f5f915ada5c3a2ee25d0776119b8374e186ecc4dc9ed6af2d16ed3e4071ae8dcbe92a083ab1c4672addb792de3e1d56fc94bfd5d4000c5a55d199
SSDEEP

3072:I28MTv/koT+haeiOy24R/TlQ3N5FloSMBtPGexVJp+6Yi+OQ:I2jvsoTEatb54N5FydBte96Yi+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b920a80291063ba3a825a7da35e7912

Files

8b920a80291063ba3a825a7da35e7912
.exe windows:5 windows x86 arch:x86

9075fa20b8167c1e3e98a806ac3d96b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\oGrb\mTlru\gxvRqWc\lSvPRy\wyko.pdb

Imports

kernel32

GetModuleHandleW
lstrcmpW
FindResourceExW
lstrlenW
GetProcAddress
GetFileType
FreeLibrary
GetStringTypeA
GetTempPathW
GlobalLock
GetLocalTime
GetACP

ntdll

_aullrem

user32

GetSubMenu
LoadAcceleratorsW
WindowFromDC
SetDlgItemTextW
GetKeyState
GetSystemMetrics
SetLastErrorEx
CreateWindowExA
FindWindowExW
SetClassLongW
SendDlgItemMessageW
LoadIconA

gdi32

RoundRect
PatBlt
GetNearestPaletteIndex
SetWindowExtEx
CreateFontIndirectW
GetPixel
Escape
ExcludeClipRect
ScaleWindowExtEx

Exports

Exports

?dEdSUNCitxSfcDX@@YGEF@Z
?hTsqyuFxmovkp@@YGXF@Z
?HsFkgawdmgodweuCRF@@YGPAXD@Z
?wlqkXjMiasDcipbbdwaEt@@YGXPAEI@Z
?EkAgbOZbgfK@@YGGI@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9075fa20b8167c1e3e98a806ac3d96b5

Headers

File Characteristics

PDB Paths

Imports

kernel32

ntdll

user32

gdi32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 141KB - Virtual size: 217KB

.crt Size: 3KB - Virtual size: 3KB

.edata Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 141KB - Virtual size: 217KB

.crt
Size: 3KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB