8dd50f440216ad50f9551cd9df8b9b51

General

Target

8dd50f440216ad50f9551cd9df8b9b51
Size

280KB
MD5

8dd50f440216ad50f9551cd9df8b9b51
SHA1

1816cfed0896360b354982af961626cf7c109d4d
SHA256

9c44bfa6666d256a24f6fab6f27c2b0653a14b049850fb38387eb30b807e3578
SHA512

3840b78e48353bfe9eb6c40085a0ac20812ccd17e84c9c3937c57d973f7c0508c7411ee78e8cbe74ece1727ab2188304d7c9f05ff82677b10463cba64cdfdbe9
SSDEEP

6144:MmLzS/UleX6mnPHwJnGJIxUNwYCDZnAsWZOXyNzHXKGVjoBgus9e2:lSqkbvgiIKmYCDK3ZyuzH6Ckgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dd50f440216ad50f9551cd9df8b9b51

Files

8dd50f440216ad50f9551cd9df8b9b51
.exe windows:4 windows x86 arch:x86

2750935a022b9c065ff6b228586a42c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetComputerNameA
GetTickCount
SetUnhandledExceptionFilter
GlobalAddAtomW
DeviceIoControl
GetVersionExA
GetCurrentProcessId
GetModuleHandleW
RaiseException
SetLastError
HeapAlloc
TlsAlloc
GetLocalTime
GetDiskFreeSpaceA
GetStartupInfoA
TlsFree
GlobalMemoryStatus
GetModuleFileNameA
TerminateProcess
TlsGetValue
RtlUnwind
EnumResourceNamesA
TlsSetValue
OutputDebugStringW
CloseHandle
GetCommandLineA
QueryPerformanceCounter
GetFileType
GetVersion
GetProcessHeap
GetCurrentThread
GetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcess
HeapFree
InterlockedExchange

gdi32

BeginPath
Rectangle
SetROP2
LineTo
PolyBezierTo
GetWorldTransform
FillPath
CloseFigure
IntersectClipRect
SelectClipPath
EndPath
SetBrushOrgEx
SetGraphicsMode
PolylineTo
GetClipBox
CreatePatternBrush
MoveToEx
GetStockObject
GetGraphicsMode
PolyDraw

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2750935a022b9c065ff6b228586a42c3

Headers

File Characteristics

Imports

kernel32

gdi32

setupapi

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 130KB

.reloc Size: 1024B - Virtual size: 388KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 130KB

.reloc
Size: 1024B - Virtual size: 388KB