8cae1bf1586c7b6e3bedc7849092a9d0 | Triage

Sharing

General

Target

8cae1bf1586c7b6e3bedc7849092a9d0
Size

65KB
MD5

8cae1bf1586c7b6e3bedc7849092a9d0
SHA1

b57579c4ed89f45e209d20c888a97fe2fb494ca4
SHA256

f96398e08146f11fc6118ac5db8d4d04d62a6dc81c26b688966bffc937f6f237
SHA512

175dad8a74263c596609af198f77728c941b773797afa48f518ee64ffe60f8ed59ad1e72eac9b28984bb822f2396dc554a617b123a9cf7261164789efe21b369
SSDEEP

1536:TcFOt3nqVohapzxPJdWdsDTy6xiIFCF1hJLS:4IqVNPJKsXy6ibJLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cae1bf1586c7b6e3bedc7849092a9d0

Files

8cae1bf1586c7b6e3bedc7849092a9d0
.dll windows:4 windows x86 arch:x86

9595bc45c5ef801875182987affa9066

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetProcessVersion
MoveFileA
VirtualProtect
GetTempFileNameA
CloseHandle
GetCommandLineA
GetStartupInfoA
ExitProcess

ntdll

LdrUnloadAlternateResourceModule
ZwQueryMutant
RtlValidRelativeSecurityDescriptor
NtOpenThread
NtMapUserPhysicalPagesScatter
RtlAppendUnicodeStringToString

Exports

Exports

EndLduxnyqxdwm
Bkvhqdkqo

Sections

.text
Size: 4KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lrslr
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ