8e9cc14a7639712f2160eb8b709ba247 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e9cc14a7639712f2160eb8b709ba247
Size

213KB
MD5

8e9cc14a7639712f2160eb8b709ba247
SHA1

90be566be8d9fce6b67846c20523ffb2fb1dcd68
SHA256

bd2c454bd483e156ff5f3ceb50e57f7ae0155745b68caec5829fc324ad147bb1
SHA512

52c40026b6aa93ca2141da8d23045838b85a75205dd1305647269af25342259b813f9c6ac4ebb4b2170c29c75bae1aeab708147b36c26246a6bce9778e5063a7
SSDEEP

6144:KwyNcKnABDZwmufZ1bJrPPmJeAjEehcI:FdBledJr3mMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e9cc14a7639712f2160eb8b709ba247

Files

8e9cc14a7639712f2160eb8b709ba247
.exe windows:4 windows x86 arch:x86

e473d2d7fd34d63b9f78e38d43e99cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA

user32

GetIconInfo
GetDCEx
GetSysColorBrush
CharLowerA
GetForegroundWindow
GetMenuItemCount
IsCharUpperA
GetMenu
IsZoomed
GetCapture
GetDesktopWindow

kernel32

EnumCalendarInfoA
Sleep
VirtualAllocEx
ExitProcess
EnterCriticalSection
GetFileAttributesA
GetStartupInfoA
lstrcmpA
GetStringTypeA
GetEnvironmentStrings
CreateFileA
MulDiv
MoveFileExA
GetTickCount
CompareStringA
GetThreadLocale
GetCurrentThreadId
IsBadReadPtr
GetLocalTime
GetLocaleInfoA
CreateThread

gdi32

SelectPalette
GetPixel
CreateCompatibleBitmap
CreateBrushIndirect
GetBkMode
SetPixel

shlwapi

PathGetCharTypeA

Exports

Exports

4nRvH7jHE@12
_zBv68sriiUR
VFKnyT1HE3ys@8
_Qa_f4y3epmG9

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ