8bc56c9a0af0a65bb1cee38ad5bc4575

Sharing

Copy URL Twitter E-mail

General

Target

8bc56c9a0af0a65bb1cee38ad5bc4575
Size

52KB
MD5

8bc56c9a0af0a65bb1cee38ad5bc4575
SHA1

323628b0ea7fca0efcc3793ab824d5fcb7c217a9
SHA256

56deb5546ce9bfacec1b1626cae704c66cb411d0419934049d0d637df68ab224
SHA512

a384bdc2e5b0bfc73fd8404482f4a21bbfb911ad8de4479031bf142580aa82c8ea0fbe542af4375dd9a85cab078e89b159c001b9d978454cd77f58ef2e9d7c20
SSDEEP

768:wHAzbWZlEhlZ3CbgDDH6MOnIQ7X728RwFOpONaBWHW/0eZNry5elim:oAzbWH+gUDG1n3vRwUpO0MAcgli

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bc56c9a0af0a65bb1cee38ad5bc4575

Files

8bc56c9a0af0a65bb1cee38ad5bc4575
.exe windows:4 windows x86 arch:x86

ab39db948bc2b345f04ff0e4147d342f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\444\Release\444.pdb

Imports

kernel32

lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetLastError
CreateMutexA
ReleaseMutex
InterlockedDecrement
HeapDestroy
HeapFree
HeapAlloc
lstrcatA
HeapCreate
CreateProcessA
CloseHandle
GetFileSize
CreateFileA
CopyFileA
GetWindowsDirectoryA
GetEnvironmentVariableA
lstrlenA
Sleep
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WideCharToMultiByte
LocalFree
GetSystemTimeAsFileTime
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
RaiseException
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
VirtualFree
VirtualAlloc
IsBadWritePtr
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InitializeCriticalSection
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA

user32

wsprintfA

advapi32

RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

OleInitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab39db948bc2b345f04ff0e4147d342f

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 5KB