Static task
static1
Behavioral task
behavioral1
Sample
8f30b018b986b5a25bfe5aca31966506.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8f30b018b986b5a25bfe5aca31966506.exe
Resource
win10v2004-20231215-en
General
Target
8f30b018b986b5a25bfe5aca31966506
Size
101KB
MD5
8f30b018b986b5a25bfe5aca31966506
SHA1
4031b5e837dcf809f530dbfb13dedef61f4408ab
SHA256
0cc28ab95ce198da4a4022e859ac357fc00780f8fae76e2a4b7b07fb0d9ca7fa
SHA512
56b69b86764818ef40e94db5f52155ec68df0d3cadc8dddc326cbf06ee107ebfcd5d3087f84f43484bfa5b63872af76ff3ff6982aa2f090ff8d7483391c85454
SSDEEP
3072:iidgN8b2GP0YyT09WUoQPJVZZKn+tYKmU4uH:bgNqvyT0bpZC9m9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8f30b018b986b5a25bfe5aca31966506
Files
8f30b018b986b5a25bfe5aca31966506.exe windows:4 windows x86 arch:x86
264a757fa2abb7b7a48907448662aa0d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetModuleHandleA
GetTickCount
SetFilePointer
GetCurrentProcess
CreateProcessA
DeleteFileA
MultiByteToWideChar
ReadFile
GetModuleFileNameA
ole32
OleCreate
OleSetContainedObject
CoInitialize
user32
TranslateMessage
DispatchMessageA
CreateWindowExA
UpdateWindow
DestroyWindow
DefWindowProcA
SetWindowLongA
MessageBoxA
PostQuitMessage
GetWindowLongA
GetMessageA
ShowWindow
advapi32
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
shell32
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
Sections
.text Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ