8fbd4bba4e5d748f79076e91941c9e4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fbd4bba4e5d748f79076e91941c9e4b
Size

51KB
MD5

8fbd4bba4e5d748f79076e91941c9e4b
SHA1

efd633e0163140e88d3da0c5d9061ec907fe6093
SHA256

7567662d2edfb6607d00d4b823fb1831bcd5caca52b48864be8ca370247a9588
SHA512

890d1d34c6d76389e1c237b63b1adc73a9ef399ebc8e62c85aedc6e0d92d876ddf119fafd1a5a01cf5d52bf82bea1817d090e2e888848d47790df40969eb7a0c
SSDEEP

768:zx2VDggSxZJ6UjoBSvk8gFBBBpH4RwHRieGv0YZFLx1MvzIHprkLoUodtQL:zx2NGZJYKk8eB3H4RkiomR6uprkvodk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fbd4bba4e5d748f79076e91941c9e4b

Files

8fbd4bba4e5d748f79076e91941c9e4b
.exe windows:5 windows x86 arch:x86

b407bfa3981474275ab4509853ced056

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\arwffn\ujjq\MOwZAQWG\cQcu\tEknlb.pdb

Imports

user32

CascadeWindows
ScrollWindow
GetClassLongW
InsertMenuW
GetCaretPos
GetSubMenu
TrackPopupMenuEx
wsprintfA
GetMenuItemCount
GetScrollInfo
RegisterWindowMessageW
CreateMenu

kernel32

lstrlenA
HeapLock
GetThreadContext
CreateRemoteThread
FindNextFileA
GetFullPathNameW
GetSystemTimeAsFileTime
SetCommMask
CreatePipe
CopyFileA
LocalFileTimeToFileTime
AddAtomW
lstrcmpA

gdi32

StretchBlt
GetTextCharsetInfo
SetBkColor
ScaleViewportExtEx
SetBitmapBits
CreateDiscardableBitmap
GetPixel
SetBkMode

Exports

Exports

?drOikOs@@YGXG@Z
?tlmCbcewaQiGJD@@YGMJG@Z
?joUBvmGxvunyyqa@@YGFPAG@Z
?OhwdmcezPaqbE@@YGJG@Z
?thpUkIukc@@YGFPAD@Z
?zomzMkmcp@@YGXPAF@Z

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ