8ed742a840dc536d5618d3e91745d2db

General

Target

8ed742a840dc536d5618d3e91745d2db
Size

275KB
MD5

8ed742a840dc536d5618d3e91745d2db
SHA1

af869e3a2d6f3140700f8698292c25695faa516b
SHA256

8aec950e911dd4c1c6aa556d48a30e2450e523f4195993bceb958da1f25f7aee
SHA512

43bfa7c9070e1120893f6bca77ae436181ecf2f1a5c696ea3b1655a6e222f8dbc27f4f20ed93b18afba21e54a7d68610985cf504e06f192e914c7ed069eb7853
SSDEEP

6144:ML4w0DET21c02HGjDHwRFHnbSuniNR63ZLfIMCJvh/59T:hwqET70rjDuF7SuiNRKlIMS5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ed742a840dc536d5618d3e91745d2db

Files

8ed742a840dc536d5618d3e91745d2db
.exe windows:4 windows x86 arch:x86

c1c04c2f856686a24485c905750e34ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
InterlockedIncrement
GetStartupInfoA
GetLastError
IsValidLocale
SetConsoleCtrlHandler
VirtualProtect
GlobalSize
GetTickCount
WaitForSingleObject
LCMapStringA
TlsAlloc
EnterCriticalSection
UnhandledExceptionFilter
FreeEnvironmentStringsW
Sleep
SetUnhandledExceptionFilter
DeleteCriticalSection
FreeLibrary
GetModuleFileNameW
GetOEMCP
lstrcmpiW
GetModuleHandleA
InitializeCriticalSection
TerminateProcess
GetEnvironmentStrings
GetExitCodeProcess
GetVersion
CreateDirectoryW
HeapAlloc
GetProcessHeap
SetStdHandle
HeapFree
SizeofResource
SetThreadPriority
ExitProcess
GlobalHandle
SetConsoleCP
TlsFree
GetConsoleMode
VirtualQuery
OpenProcess
GetACP
CreateFileW

msvcrt

__setusermatherr
wcsrchr
_XcptFilter
_amsg_exit
time
malloc
memcpy
_wtoi

user32

SetFocus
MessageBoxA
DrawFocusRect
EnumWindows
GetWindowTextW
GetSysColorBrush
GetMenuState
EnableWindow
TrackPopupMenu
LoadIconW
CallWindowProcW
ReleaseDC

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 766KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1c04c2f856686a24485c905750e34ad

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 228KB - Virtual size: 766KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 228KB - Virtual size: 766KB

.rsrc
Size: 5KB - Virtual size: 4KB