8f11f15325b17f7676651fa80951ded6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f11f15325b17f7676651fa80951ded6
Size

28KB
MD5

8f11f15325b17f7676651fa80951ded6
SHA1

046019634414a4a63b4c69dc5fa3b2b2e9e7870d
SHA256

41cdbb0fbe8a021eacac4f781fc82885aaa00789a023087a59475b157f28a122
SHA512

1494ca6cb863258bb683b5f9acccd62b7748292b49863fec58b7d0ad2b85f66dc61701dea5d54cd4a5ac182a357977bf09ea0c79229d2de9a76029a21d018d99
SSDEEP

96:EfPuQdmRjk4IeffkfYHiKPtboynOC1UTeiHkh5B4QBWkbACuYL0mm3/M3RFj9Pv+:En323fsfYHiKP1oyn7OH84FCLKq3u6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f11f15325b17f7676651fa80951ded6

Files

8f11f15325b17f7676651fa80951ded6
.exe windows:4 windows x86 arch:x86

44ecb6a4e97182f8f59ad0ae6076db13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
SetLastError
WideCharToMultiByte
GetConsoleCP
CloseHandle
GetLastError
OpenMutexA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA

ndlhqvseulz

TPVKsASxdta

odjstatl

JXTfmKTOpXr

dbnthpfpbyhv

YcEoRInOJEDE

ws2_32

gethostname

msvcrt

_exit
_controlfp
_except_handler3
__set_app_type
fclose
fread
??2@YAPAXI@Z
rewind
__p__fmode
fseek
fopen
_errno
_wtol
ftell
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ