8f5b7853d78d2ebfe4df3b67da8fafa4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f5b7853d78d2ebfe4df3b67da8fafa4
Size

256KB
MD5

8f5b7853d78d2ebfe4df3b67da8fafa4
SHA1

65fae625953b78bfde60b50cc4b94191993d3387
SHA256

5f62b6fab3bd67d548c404b51485a5f3156d8a27f1555b326c8dcc8e382472d1
SHA512

2b8c5f0483188b7c887d948aa848fc8712362bc5c21ddcd7a15202047939a73e44f19d8a36fcce65faee50194fd6f53a9261b262441da2479920f9dc37533e42
SSDEEP

6144:jwgKcyPlb+HW4Wk6BGSgpVoaCnQZZFMgowiwi1zLcl:jwgK1lZBk6BGJoPQxM8iwWz2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f5b7853d78d2ebfe4df3b67da8fafa4

Files

8f5b7853d78d2ebfe4df3b67da8fafa4
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 222KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ccc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE