8a94632dbd97a2f77dec118e6166986d[.]bin | Triage

Sharing

General

Target

8a94632dbd97a2f77dec118e6166986d.bin
Size

101KB
MD5

8a94632dbd97a2f77dec118e6166986d
SHA1

6b76a8f419c428cf738b0e879d0a0b8821174182
SHA256

8e0dfda2fdc57723bd4107202d4cb26ff23723b29df0549bf2e9ca3ef86ee277
SHA512

453a9ac5d93015cd6f7c5b65538b854581558e697691ad111e1ab82652e4b010cf1ae721096aa501bfb3197fb219046ef6c6fcbb8b66c4acfb7baa05da7fe7d0
SSDEEP

1536:Vyxx+Z7Oypa1uQCQzxEDEORmb9ULhRximh5LQngMMCX4mP:+xL2a1OJEORi9anf93MMCoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a94632dbd97a2f77dec118e6166986d.bin

Files

8a94632dbd97a2f77dec118e6166986d.bin
.exe windows:4 windows x86 arch:x86

c4ce9ad28723d2e502eb222330d3b284

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHQueryValueExA
PathGetCharTypeA

kernel32

ExitProcess
FindResourceA
GetACP
GetVersion
GetCommandLineW
GetModuleFileNameA
GetLastError
GetProcessHeap
VirtualFree
GetFullPathNameA
GetFileSize
GetCommandLineA
IsBadReadPtr
GetCurrentThreadId
GetTickCount
GetStringTypeW
LoadLibraryA
lstrcmpA
VirtualAllocEx
GetStringTypeA
GetSystemDefaultLangID
GetFileAttributesA
GetStartupInfoA
MulDiv

shell32

SHFileOperationA

user32

GetMenu
MapWindowPoints
MapVirtualKeyA
OemToCharA
OffsetRect
IsCharLowerA
GetCursor
CharUpperA

Exports

Exports

_Ngz2BXOD9T
v2uCtw8@8
yjJlU

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ