8f44001ead76f54e3de59a5c2a1fc1cf | Triage

Sharing

General

Target

8f44001ead76f54e3de59a5c2a1fc1cf
Size

14KB
MD5

8f44001ead76f54e3de59a5c2a1fc1cf
SHA1

31c8fcb059d3528b232669912a62ff1b9934562b
SHA256

e022266893a260c6fbb1a05cea1aa3f50ecdbd6f11d8a484cbbc7bd5f5846aff
SHA512

00b9b0825c2f1247177bec35cd0ae35d7762d416549d6c9cce494ab6894740abbeaeba2a2e976fe42a98f201b485da37d6f9ba20ebd1a3c6d183bb62ec6a2fd2
SSDEEP

192:s7NNvbLkFebkEaxXrxyARM4fDGbPqPtEh7aYKq5rb6zlvvSRS0O:s55bIrxXrZJPGh7aYKWvWY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f44001ead76f54e3de59a5c2a1fc1cf

Files

8f44001ead76f54e3de59a5c2a1fc1cf
.exe windows:4 windows x86 arch:x86

1b681dea93d9bb7bb9f9c9ac8c59b530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandlet
ExitThread
CreateThread

gdi32

CombineRgn
GetObjectW
EnumMetaFile
GetDeviceGammaRamp
GetKerningPairsW
CreateRectRgn
EnumFontFamiliesExW
CreateDIBitmap
GetDCOrgEx

wsock32

WSAStartup
accept
ioctlsocket
GetAddressByNameW

shell32

StrStrIW
DuplicateIcon
ShellExecuteExW
DragQueryFileW
FreeIconList
StrStrA
FindExeDlgProc

Sections

.text
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE