8c91cdd4d3223921265e7010ffdd88d8 | Triage

Sharing

General

Target

8c91cdd4d3223921265e7010ffdd88d8
Size

144KB
MD5

8c91cdd4d3223921265e7010ffdd88d8
SHA1

2b76ae86304c21fc571456ea72deeb1764967cc0
SHA256

cf21bdafc9857ebf8c31f5a98434e976b84369ce61c465cc8ba31ef0478ea56b
SHA512

2fa266324d43b7e3a81947a2bbd7dca0bca38904e08e0bbf68022b0fa1c1b718a4df0718ddab81d2c2a14e851219025b23db55018a47045c2d123bdabb2c8242
SSDEEP

3072:0FsKquxoNo6rD6U1wz02gXT2k4rmVmFlb7nVeHikIh1i7Ah:0yju6frD6noRNxEDVcGh1iA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c91cdd4d3223921265e7010ffdd88d8

Files

8c91cdd4d3223921265e7010ffdd88d8
.exe windows:4 windows x86 arch:x86

b37daf68d664cbfc7c47fa2feffbb821

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CloseHandle
ExitProcess
CreateFileA
GetCurrentProcess
LCMapStringA

user32

wsprintfA
CloseWindow
CreateWindowExA
SetWindowLongA
CharLowerBuffA

advapi32

RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA

Sections

.text
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ