Static task: static1
Behavioral task: behavioral1 (Sample: 8dcdae03f65a302b9ce27302d3052845.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: 8dcdae03f65a302b9ce27302d3052845.exe, Resource: win10v2004-20231222-en)
General
Target: 8dcdae03f65a302b9ce27302d3052845
Size: 100KB
MD5: 8dcdae03f65a302b9ce27302d3052845
SHA1: 822471e7d4049fabdebd9c2c1870fce806f2b3db
SHA256: 6e89200552251bf28b770459778803cfcfcdefe53e166f32231941fde51f1c66
SHA512: 4418bd9aeb7efed0bdc514c1336192aa12c832a980357ada68d7c825aec3dfa2af8a9d50c61892110dc44f999ea233b981acadc3de82a8d9e98b33cde7c8897c
SSDEEP: 3072:78EQSscqXGSfjvUFQFOBd+8H8r/PpqxPVAv802U4C:IE/vSf7Ul9cLL8qP
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 8dcdae03f65a302b9ce27302d3052845
Files
8dcdae03f65a302b9ce27302d3052845.exe windows:4 windows x86 arch:x86
10d6f125dcd034a1c2a61d13082b1834
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: ReadFile, SetFilePointer, GetModuleHandleA, GetLastError, GetModuleFileNameA, CreateProcessA, DeleteFileA, GetTickCount, GetCurrentProcess
ole32: CoInitialize, OleCreate
user32: GetSystemMetrics, ShowWindow, PostQuitMessage, DefWindowProcA, DispatchMessageA, SetWindowLongA, GetMessageA, DestroyWindow, GetWindowLongA, CreateWindowExA
advapi32: RegCreateKeyExA, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA
shell32: SHGetMalloc, SHGetPathFromIDListA, SHGetSpecialFolderLocation
Sections
.text (Size: 60KB, Virtual size: 57KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 4KB, Virtual size: 942B): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 16KB, Virtual size: 15KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 16KB, Virtual size: 14KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ