8e0c0a71820d416a78e4dcce2697ce18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e0c0a71820d416a78e4dcce2697ce18
Size

169KB
MD5

8e0c0a71820d416a78e4dcce2697ce18
SHA1

c55c256556c965240ed4bb4b4a56e625e84398f8
SHA256

23c8ac3dc0f0ee512eb2e997c746ac5a35ecc6e78714928ffa12758bea3705db
SHA512

1cdd48373ca26d53eb2ad12c3c18096ed90c19e7f5a07b63d5eda424afebadcbfcdf2254606e4c5ebc3bb2059ee9fff91e63b36799dee77704d135974716c91c
SSDEEP

3072:WO1Ub0YZ2kQwsofGFuf6VbShJWVr0U6D65qN4DXHGMRs6j3MC8L:WHYGfGkfJhJq0WcgXHzeW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e0c0a71820d416a78e4dcce2697ce18

Files

8e0c0a71820d416a78e4dcce2697ce18
.exe windows:4 windows x86 arch:x86

a5758a43b1f7cc1b89e7670250a1eed0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
wsprintfW

kernel32

GetShortPathNameW
LoadLibraryA
CreateFileA
IsDebuggerPresent
InitializeCriticalSection
GetModuleHandleA
SetHandleInformation
GetCurrentThreadId
DeleteCriticalSection
CloseHandle
EnumResourceTypesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcessId
GetProcAddress
GetLastError
LocalFree
GetVersionExA

ole32

StgCreateDocfile
StgOpenStorage

msvfw32

ICSendMessage
ICOpen
ICClose
ICDecompress

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ