8f929dc24cdb92f4db31ee89aec6daeb

Sharing

Copy URL Twitter E-mail

General

Target

8f929dc24cdb92f4db31ee89aec6daeb
Size

83KB
MD5

8f929dc24cdb92f4db31ee89aec6daeb
SHA1

5583137173dc6129a33d6f8d4b45ca0f79d11100
SHA256

2119a3a53eaee4162f05e8534c01665d6d678dac292efdbeb91a2b96c490f106
SHA512

4dde172baab264129f03ae0d2dd654ca49756c90f620e3b22b5225b5b5d86bb4399c9a0e9e0b49f6b00a43849190260a2c7cddbef2d02eef0c7d2f57411fab69
SSDEEP

1536:RYU+PwL36dTtZeYePSL4NpcF3NCe5e/LPmri3R2V8wYdmR8a:RYFwEwRpclUeQ88TBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f929dc24cdb92f4db31ee89aec6daeb

Files

8f929dc24cdb92f4db31ee89aec6daeb
.exe windows:4 windows x86 arch:x86

61670ef39153ced7d9ddfda788551e13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindResourceA
GetStdHandle
LoadLibraryExA
GetThreadLocale
GetOEMCP
HeapFree
GetModuleHandleA
GetCurrentProcessId
SetErrorMode
RaiseException
lstrcpynA
FindClose
SetEvent
GlobalFindAtomA
VirtualFree
VirtualQuery
lstrcatA
GetFileType
LoadLibraryA
SetEndOfFile
ExitProcess
LocalFree
EnumCalendarInfoA
DeleteCriticalSection

user32

CharNextW
TrackPopupMenu
GetKeyboardState
GetCursorPos
SetClipboardData
ReleaseDC
SetActiveWindow
IsCharUpperA
GetClientRect
GetClassInfoA
SetTimer
RegisterClipboardFormatA
IsZoomed
ChildWindowFromPoint
LoadBitmapA
BeginPaint
LoadStringA
GetCursor
CloseClipboard
DestroyWindow
GetScrollPos
ReleaseCapture
GetScrollRange
IntersectRect
DrawIcon
SetPropA
GetWindowTextA
IsDlgButtonChecked
PeekMessageA
ScrollWindow
GetCapture
GetKeyNameTextA
DefWindowProcA
GetParent
PostMessageA
GetPropA
DestroyMenu
IsCharLowerA
RegisterClassA
GetWindowLongA
wsprintfA
CharLowerA
EnumWindows
DefFrameProcA
GetKeyboardType
IsWindowUnicode
UnregisterClassA
IsIconic
GetScrollInfo
GetMenuItemCount
TranslateMessage
GetSubMenu
MessageBeep
GetMenu
SetWindowTextA
GetWindowPlacement
GetKeyState
OffsetRect
SetForegroundWindow
CharNextA
MoveWindow

shell32

Shell_NotifyIconA
SHFileOperationA
DragQueryFileA
SHGetFileInfoA
SHGetSpecialFolderLocation

Exports

Exports

_E37QINg@20
_m8EG3Fzd

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61670ef39153ced7d9ddfda788551e13

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 28KB

.edata Size: 48KB - Virtual size: 47KB

.idata Size: 3KB - Virtual size: 2KB

.bdata Size: 512B - Virtual size: 326B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 28KB

.edata
Size: 48KB - Virtual size: 47KB

.idata
Size: 3KB - Virtual size: 2KB

.bdata
Size: 512B - Virtual size: 326B

.rsrc
Size: 8KB - Virtual size: 8KB