8c09bb4ed5cf8405cf639f36a499227e | Triage

Sharing

General

Target

8c09bb4ed5cf8405cf639f36a499227e
Size

474KB
MD5

8c09bb4ed5cf8405cf639f36a499227e
SHA1

feb2e2add73397eae33c244fce664649c77509b6
SHA256

7db112308db055d5cfc11df56520946501e4655a4844a6240f1f9eabaa29e7b7
SHA512

a60f4e0b3b1400a40dbad3e1c67ab6d377b253868b96d59b6298a449380dbd8ab7c402d1c0d13e23cfca411f1df0d5181619d569a4c3325cd00c5a4b07cbe579
SSDEEP

12288:dl/GrZrbl8ZoeXvNALsUwBs421swB3XdVh7Dmf9j403euF:dlKhl8/XvKLsUwGxVtVh7+9403v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c09bb4ed5cf8405cf639f36a499227e

Files

8c09bb4ed5cf8405cf639f36a499227e
.exe windows:4 windows x86 arch:x86

167b809afad029fee62c0fadbdbe44b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GlobalFindAtomA
GetExitCodeThread
GetThreadPriority
TlsFree
VirtualAlloc
IsDBCSLeadByte
CompareStringA
CreatePipe
GetConsoleCP
GetThreadLocale
GetShortPathNameA
GetStdHandle
CreateThread
SetEvent
GetProcessHeap
ReleaseMutex
GetModuleHandleA
GetUserDefaultLangID
GetOEMCP
CreateMutexA

user32

ShowWindow
GetClassNameA
ValidateRect
CloseWindow
RegisterClassA
GetWindowTextA
ReleaseDC
GetWindowTextLengthA
GetSystemMetrics
GetFocus
GetDC
ReleaseDC
InvalidateRect
GetForegroundWindow
IsIconic
GetActiveWindow
GetClassInfoExA
IsWindowVisible
GetWindow

shell32

SHBrowseForFolderA
SHCreateShellItem
SHGetFileInfoA
SHGetFolderPathA
SHChangeNotify

secur32

AcceptSecurityContext

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ