8e42a4203390946e48ddc415e9ec4e55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e42a4203390946e48ddc415e9ec4e55
Size

42KB
MD5

8e42a4203390946e48ddc415e9ec4e55
SHA1

d58a96455d5004cb51188165e28c63d86277034d
SHA256

c6320f5fbfc20c413c878dce45e824419a0967f53c88e94d41070f7d5cc15682
SHA512

232c44b01fb058ce6104c7c2db5d27d4ec8d8b3a2f76598c30f7cf8562f1b3c76c87f6d99fc635964ee2ea687ee7bdc1a015b24cf25275174eeea3f604e10ab9
SSDEEP

768:/IItNbRi4Mat6FU5q06N+yp136F6AhePf8BPUelHv/DSrZdcuim3rxP0FQo:/LvbRM0K+63FAhY859v+br790x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e42a4203390946e48ddc415e9ec4e55

Files

8e42a4203390946e48ddc415e9ec4e55
.exe windows:4 windows x86 arch:x86

d396fd01044369c9889d41efeb6ec463

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
ReadProcessMemory
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
SizeofResource
TlsFree
TlsSetValue

msvcrt

__getmainargs
__p__commode
__p__fmode
__set_app_type
exit
fprintf
realloc
wcslen

user32

EnumWindows
GetClassNameA
GetMenuItemCount
GetSubMenu
MessageBoxA
SetClipboardData

winmm

mmioSendMessage
mmioStringToFOURCCA
sndPlaySoundA
timeBeginPeriod
mmioOpenA

Exports

Exports

CaptureDeviceDialog
CloseWZCDbLogSession

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ