8f6f6c3a066384d38a817d7871941b8c

General

Target

8f6f6c3a066384d38a817d7871941b8c
Size

76KB
MD5

8f6f6c3a066384d38a817d7871941b8c
SHA1

4a28f7b63229e91210c7c8b2ff5cc6ff6722aa04
SHA256

5522c8c265e7228408b2829e2bccba207d7911d3cdeb3b5d498ee7a4a2ecbac3
SHA512

4734cea150fe957b18761713152e0914371f98eb67113828cd84e5e350793c4f60ed0d482f3b81a8400f22129edab5f8983ba61f6db21e3ad566d6c533941351
SSDEEP

1536:hVkx5/ealJOiyu/lSyWFnIv8gwtGzElE4CE3wOLwBmrpgaN:hVkx5/ealJOiy4lhWKPwtqT44LBmdj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f6f6c3a066384d38a817d7871941b8c

Files

8f6f6c3a066384d38a817d7871941b8c
.exe windows:4 windows x86 arch:x86

8f141e6acebcb123fafb65f2a9b9bd16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

LoadLibraryA
CreateProcessA
CreateFileA
GetCurrentProcess
CreateFileMappingA
GetThreadLocale
GetStringTypeA
GetLongPathNameW
SetStdHandle
InterlockedExchange
ActivateActCtx
FreeEnvironmentStringsW
GetTempPathA
LCMapStringW
CreateFileW
GetTempPathW
GetProcAddress
ExitProcess
MapViewOfFile
HeapFree
SetInformationJobObject
CloseHandle
ReleaseSemaphore
LCMapStringA
SetFilePointer
SetLastError
GetModuleHandleA
GetStartupInfoA
GetUserDefaultUILanguage
CreateDirectoryA
WaitForSingleObject
GetProcessHeap
ReadFile
CreateProcessW
HeapReAlloc
GetLogicalDriveStringsA
HeapAlloc
GetModuleFileNameA
GetCurrentDirectoryW
GetVersionExA
WriteFile
LocalFree
GetStringTypeW
GetCommandLineA
FlushFileBuffers
FreeLibrary
GetFileSize
TermsrvAppInstallMode
GetTempFileNameW
GetModuleFileNameW
GlobalMemoryStatusEx

ole32

CoQueryClientBlanket
CoLockObjectExternal
OleBuildVersion
CreateDataAdviseHolder

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA
SHFileOperationA
SHGetFileInfoA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegEnumKeyA
RegDeleteValueA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f141e6acebcb123fafb65f2a9b9bd16

Headers

File Characteristics

Imports

version

kernel32

ole32

shell32

advapi32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 1KB

.rdata Size: 60KB - Virtual size: 91KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 1KB

.rdata
Size: 60KB - Virtual size: 91KB