8f4b4ebb86a69264f4071d6e2d131a4c | Triage

Sharing

General

Target

8f4b4ebb86a69264f4071d6e2d131a4c
Size

357KB
MD5

8f4b4ebb86a69264f4071d6e2d131a4c
SHA1

bb5864e0c74e851655db3fb4adbefbbe850e5cb5
SHA256

dce71a88d1a8433e54b432a0966563303c54a9dd475b0b45ea2c7b0528006aca
SHA512

a8f83d53245ae6b29929b4d9f0921e997ba16633c94050a886c809d720038d552b1a7a739c23136cc33ba8e950d0243cda4e6a52b3f44ecfd8921e75a1114035
SSDEEP

6144:4mYI2fiox4qFNhcQ+OTzd+FnfBk3j9Nm8bWcSt2JAJyYXEeH3PTDHUDh/co7ebx+:HqfQqFNhcEV+78Xm8b40AJyO9X3HUV9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f4b4ebb86a69264f4071d6e2d131a4c

Files

8f4b4ebb86a69264f4071d6e2d131a4c
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 352KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaohui
Size: 28B - Virtual size: 28B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ