8fbce4cb48090072cd0ca510beb61e7c | Triage

Sharing

General

Target

8fbce4cb48090072cd0ca510beb61e7c
Size

637KB
MD5

8fbce4cb48090072cd0ca510beb61e7c
SHA1

ffbcfd76759f8700596e335aaec7d2330108c42b
SHA256

70726feb869f3a2807dfacb72c712ac9d6ebbeeefa8dbb40b41a9b6337090c8f
SHA512

5cb21d4610806a18c365919854fcb5acc84d53c4b95e5bac38802adc0edeff9975290cb7613f22591e935915bd5cc144f6c8cc4db86c41230914ef2ddfc46e4a
SSDEEP

12288:96RF2ex4+KhsymXMwZzCii4oY7v1mi93FQZycECfOnEqXoALEuLuYRpIwAFT:9WF2Z+bp8wViCfFQZycEpnEKoALEuL3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fbce4cb48090072cd0ca510beb61e7c

Files

8fbce4cb48090072cd0ca510beb61e7c
.exe windows:4 windows x86 arch:x86

4b93ee274400783f728059068e527545

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
VirtualProtect
IsDebuggerPresent
ResumeThread
HeapCreate
GetTimeFormatA
GetTapeStatus
HeapDestroy
InterlockedExchange
GetCurrentProcessId
GlobalSize
LoadLibraryExA
GetSystemTime
GetACP
PeekConsoleInputA
lstrlenA
GetUserDefaultLCID
GlobalMemoryStatus
GetCommandLineA
FreeConsole
GetModuleHandleA

user32

GetWindow
GetFocus
GetParent
CreateIcon
GetDC
FillRect
DrawTextA
DragDetect
BeginPaint
GetClassNameA
ReleaseDC
wsprintfA
GetTitleBarInfo
ShowWindow
GetCursorPos
SetForegroundWindow
EndPaint
AnyPopup
FrameRect

ntshrui

DllGetClassObject
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

hnetcfg

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ