8de971258dd0fc524c39ac95d77f7641 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8de971258dd0fc524c39ac95d77f7641
Size

33KB
MD5

8de971258dd0fc524c39ac95d77f7641
SHA1

50ef2744e478fbadc77593a943b04a9a7ff0df23
SHA256

54fd7db83ab4f907a47c2d971096c0096655cc0f14c784f0430f03ec77b6a97a
SHA512

305e56a38ccdc84419d8fa3f40da9e9b22a1e20105487d9ea722cbfc1a00eba873464849be96e2da41f99028ffcb79d4fa12196beb718dfdbb2b60448e736aba
SSDEEP

768:1FTAA0WykJnKiVHH0i8rNSrUUGNIJmW8MVI:11A1c5V0GMnfM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8de971258dd0fc524c39ac95d77f7641

Files

8de971258dd0fc524c39ac95d77f7641
.exe windows:4 windows x86 arch:x86

764e46b4e886fb56ad221fd03be8b7a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdePostAdvise
CascadeWindows
ClientToScreen

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

kernel32

CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetConsoleWindow
GetDateFormatW

Sections

.text
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE