8ef44a291dd2e4a3890e8f44e134c157 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ef44a291dd2e4a3890e8f44e134c157
Size

56KB
MD5

8ef44a291dd2e4a3890e8f44e134c157
SHA1

3df8b9699b2441ec5d9213427780c554bc980621
SHA256

6c7ce856cf3ff9c00d7c3935b4673cc5259a0b72e71889a5b8c07314d2d9382f
SHA512

c6315f002e7de4c7cabf8b303df30bc1abd4a65690b1a08b3b74b6170421120c3062eefdc806ed9ae0b0deae8ef821b82b4993782e1136f867d599343efb8868
SSDEEP

1536:QYzsbh9FgHsB2ehVCoHgjqEMpbMQrl6raJ+QkO1V7G:QKsbh94BuDE+M04OJ+QkGC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef44a291dd2e4a3890e8f44e134c157

Files

8ef44a291dd2e4a3890e8f44e134c157
.exe windows:4 windows x86 arch:x86

9bf7c338c454ea9c53885e86b8384c4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCompressedFileSizeW
FormatMessageW
GetFileTime
GetPrivateProfileStringA
NumaVirtualQueryNode
ResetWriteWatch
GlobalUnWire
GetVolumePathNamesForVolumeNameW
SystemTimeToTzSpecificLocalTime
GetProfileStringW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE