8bb506a50b1198c959a8ce6f6ba1ecf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bb506a50b1198c959a8ce6f6ba1ecf1
Size

356KB
MD5

8bb506a50b1198c959a8ce6f6ba1ecf1
SHA1

09f8f42383a2b1c9ccf8a65adb04f1d730480c48
SHA256

6a7115e2e8d94c93c00929877394536265405a60c235da5c9e4ae4a3956e70af
SHA512

2f873554b2a840b0bd3f7161ae9779b626e8866ec6f07939c98019688646e633e3c69287054deea2e5b1de64d8602c8c4b5373454c820704202c3b360c90465c
SSDEEP

6144:P0fHOlnN9hw5XDSlfcDInMirz//e8wXrl4YT0Q9A5IHb0hbOz+pVxwSixTGdP:P0/Izy5XDSla5Mz+8G4Y4Q9OI70ho+p3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bb506a50b1198c959a8ce6f6ba1ecf1

Files

8bb506a50b1198c959a8ce6f6ba1ecf1
.exe windows:4 windows x86 arch:x86

11ec5485eac28681c870a43323f16599

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
SetEvent
EnterCriticalSection
EnumCalendarInfoW
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ResetEvent
GetSystemInfo
GetTempFileNameW
GetSystemTime
IsBadWritePtr
TerminateProcess
OutputDebugStringW
SizeofResource
LockResource
GetWindowsDirectoryW
SetThreadPriority
GlobalAddAtomW
AddAtomW
FlushFileBuffers
GetTempPathW
lstrcmpW

oleaut32

VARIANT_UserFree
GetAltMonthNames
VarI8FromR8
LHashValOfNameSys
OACreateTypeLib2
OleCreatePropertyFrame
RevokeActiveObject

msvfw32

ICInfo

Sections

.text
Size: 236KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE