8efbbd6612f416f67d55cad78c17629e

General

Target

8efbbd6612f416f67d55cad78c17629e
Size

19KB
MD5

8efbbd6612f416f67d55cad78c17629e
SHA1

3848f1c2baa78d5972cc5e200667fc5ac11d4f4b
SHA256

78c72e2c49d71e9fff2d06a3cbb6343bfe7c94c01cf7261a376e279d5d9e1fd4
SHA512

e34ed791626d13db5824296b7121460a74b951e745510798fa0ef0e1f5aa3e934a0c569197d88ea2bd15644e071c3654ae8bf9689014d2b138514a365d818ba2
SSDEEP

384:OXdNPDNY2eblmVi27T4dyfAuL3K4qqpoQ:OLDWbR2IdDc3KDqpoQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8efbbd6612f416f67d55cad78c17629e

Files

8efbbd6612f416f67d55cad78c17629e
.exe windows:4 windows x86 arch:x86

39aa7fdc0b94bee31c59455e533674ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Sleep
CreateProcessA
MultiByteToWideChar
GetSystemDirectoryA
lstrlenA
FreeLibrary
LoadLibraryA
VirtualFreeEx
HeapReAlloc
VirtualAlloc
VirtualAllocEx
WriteProcessMemory
GetModuleHandleA
GetProcAddress
CreateRemoteThread
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
WinExec
CloseHandle
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
WideCharToMultiByte
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc

user32

CreateDesktopA

advapi32

RegQueryValueExA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

39aa7fdc0b94bee31c59455e533674ee

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 4KB