8dbe6c0150640651b49b2d53af01c455 | Triage

Sharing

General

Target

8dbe6c0150640651b49b2d53af01c455
Size

238KB
MD5

8dbe6c0150640651b49b2d53af01c455
SHA1

718dc7166ea20cfd7d8305eb92c5fe7061231786
SHA256

8a56664b8baebc9274d4351af35246b3bd146b54158c818f11a17938f701ec2d
SHA512

1811d053a74c8242c2134bc63a3b4abddcba6a7ee3d2c6fe9cfe3902866de4cf39e8763b8210fdb99afbb03110b6242987308ec010d33dbef34d94593c91d5c3
SSDEEP

6144:JsabN6fteq71yzjy95uw6Amr3/FxLoN5nQ8/SOSfan:CaOez2zzjm7/FxM/nx/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dbe6c0150640651b49b2d53af01c455

Files

8dbe6c0150640651b49b2d53af01c455
.exe windows:4 windows x86 arch:x86

0b696929f9ea0c7232b899b6bf9a8179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
CloseHandle
GetCurrentDirectoryA
GenerateConsoleCtrlEvent
GetLocalTime
FindClose
FindNextFileA
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess

user32

SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
GetWindowRect
GetWindowPlacement
SystemParametersInfoW
CallWindowProcA
DefWindowProcA
PtInRect
DeferWindowPos

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
SafeArrayRedim
CreateErrorInfo
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

comdlg32

GetFileTitleA

oledlg

OleUIBusyA

Sections

.text
Size: 133KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE