8c4a234519196d6187f1cf0a8b5c7bd1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c4a234519196d6187f1cf0a8b5c7bd1
Size

26KB
MD5

8c4a234519196d6187f1cf0a8b5c7bd1
SHA1

d976363397fbd59a851a1bd05367ec780e8ced00
SHA256

c61b63fbe7fac4b05306c9848d333c861676a89bd597bf2be9920baf4338a610
SHA512

f271d656decc04153632168c2cac06bf7e6aa60a353db61b9b51e4880d032cde8fad2b15e3e58b8b6d2870a7fb63a94221112e736f05c02dfa76230c4972fcf7
SSDEEP

384:Eb5p3Lcoh+Adg41GGS9t3MBi2zbDx2rhlQK4a83sqeqxrdH9ECqvRIVaRzcRPCem:EV9LEA24dSfGwHQHH3BrtCHvoDtva5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c4a234519196d6187f1cf0a8b5c7bd1

Files

8c4a234519196d6187f1cf0a8b5c7bd1
.exe windows:4 windows x86 arch:x86

aab18682c8c3a06c03dedd7a94295617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
RegisterConsoleOS2
GetVersion
SetTapeParameters
Heap32First
GetProcessHeap
MultiByteToWideChar
EraseTape
_lread
VirtualAllocEx
LZCloseFile
GetTickCount
Thread32First

user32

UnlockWindowStation
PackDDElParam
CharLowerA
DdeNameService
OpenWindowStationW
GetDlgItemTextA
GetCursorInfo
GetScrollPos
WINNLSEnableIME
GetKeyNameTextA
LockWindowUpdate
LookupIconIdFromDirectory

Sections

.text
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ