8b979a1e07689cf27528a4a5a52ce941 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b979a1e07689cf27528a4a5a52ce941
Size

8KB
MD5

8b979a1e07689cf27528a4a5a52ce941
SHA1

9c333a271d2592f0abdfa3820f4f28323d3d364c
SHA256

f89e8893e8b82ea0a9d0c4b81059cca80bb522d23833fd65d6e81bf002056d4d
SHA512

c88f84736e0cf56fd0091ad0441a09c53456d5684a9f62c43b6085e45ef1e376657dabf40e1bc5a5b4d115b53dc65a5bb59101fd5be72704506a59be1d01ec8e
SSDEEP

192:S78Sod/AUMibp4pVweI1BjQ47c++SS7C4kKkp5i14dSEfYq4z:gohAUnN4pfI1247cVSSW4k9u+dyq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sothr_spr.exe

Files

8b979a1e07689cf27528a4a5a52ce941
.zip
sothr_spr.exe
.exe windows:4 windows x86 arch:x86

d78d74fdc6bfb7bf257d161fb401e520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\User\Desktop\sothr_sprite_converter\Release\sothr_spr.pdb

Imports

kernel32

ExitProcess
CreateFileA
GetFileSize
VirtualFree
FormatMessageA
WriteFile
GetCommandLineA
GetConsoleMode
SetConsoleMode
ReadFile
GetStdHandle
GetLastError
SetLastError
VirtualAlloc
CloseHandle

user32

wsprintfA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
src.cpp