8bdef5d3a60625ee2ae3c30e3ec8a404

Sharing

Copy URL Twitter E-mail

General

Target

8bdef5d3a60625ee2ae3c30e3ec8a404
Size

166KB
MD5

8bdef5d3a60625ee2ae3c30e3ec8a404
SHA1

b46e9f3de9b2dbf078307b90f2c47350877d0d19
SHA256

641117427e649b56365ea472dafecfa9b33adadb37f59dd63e2dd7590bc2b687
SHA512

917d14cc0389b8490964506f0873e549d7d42b8be047c12ce2fe12180c3b65bfe99bc0884d1239a7a8e52738582f9382f3964a87b0c97c67099c3e19c9050403
SSDEEP

3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bdef5d3a60625ee2ae3c30e3ec8a404

Files

8bdef5d3a60625ee2ae3c30e3ec8a404
.exe windows:4 windows x86 arch:x86

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetACP
FileTimeToSystemTime
GetEnvironmentStringsW
Sleep
IsBadWritePtr
TerminateProcess
GetThreadIOPendingFlag
GetModuleHandleA
GetFileType
TlsFree
ResetEvent
HeapDestroy
MapViewOfFile
SetStdHandle
SetPriorityClass
SetEvent
CreateSemaphoreA
WriteFile
GetPrivateProfileStringA
IsBadReadPtr
WideCharToMultiByte
FreeEnvironmentStringsW
WaitForSingleObject
GetLastError
GetOEMCP
TlsAlloc
MultiByteToWideChar
InterlockedIncrement
HeapReAlloc
RtlUnwind
SetLastError
LCMapStringA
HeapAlloc
DeleteCriticalSection
TransmitCommChar
LCMapStringW
GetProcAddress
GetTimeZoneInformation
IsDBCSLeadByte
HeapCreate
GetPriorityClass
CreateFileW
InitializeCriticalSection
EnumResourceNamesW
GetFullPathNameA
GetCurrentThreadId
IsBadCodePtr
HeapFree
LoadLibraryA
GlobalUnlock
ReleaseSemaphore
HeapSize
InterlockedExchange
GlobalAlloc
GetCPInfo
ExitThread
GetDiskFreeSpaceExA
lstrcmpA
GetEnvironmentVariableA
GetStringTypeW
GetStartupInfoA
GetStringTypeA
GetTempPathA
SetHandleCount
GetStdHandle
TlsSetValue
FlushFileBuffers
ExitProcess
CreateThread
GetModuleFileNameA
CompareStringA
GetTempFileNameA
GlobalFree
GetSystemTime
FreeLibrary
FreeEnvironmentStringsA
SetEndOfFile
WritePrivateProfileStringA
GetCommandLineA
InterlockedDecrement
lstrcmpW
LoadLibraryW
lstrcpyA
CloseHandle
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GetCurrentProcess
GetTempPathW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
RaiseException
GetUserDefaultLCID
UnhandledExceptionFilter
ExitProcess
GetTickCount
CreateMutexA
GetEnvironmentStrings
TlsGetValue
GetFullPathNameW
CreateFileMappingA
GetThreadPriority
SetEnvironmentVariableA

shlwapi

PathAddBackslashA

user32

CharUpperA
wsprintfA
wsprintfW
MessageBoxA
GetKeyState
CharNextA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

msimg32

advapi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB