8fc0b8c201a1a4c286f854d1b36b9f96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fc0b8c201a1a4c286f854d1b36b9f96
Size

75KB
MD5

8fc0b8c201a1a4c286f854d1b36b9f96
SHA1

2669cbdcc93ff13518f3e6216df39ee1006c96b3
SHA256

638cfc66ab134df9b2269a5203942ab625df899b826f7eb3f18acbf96f300445
SHA512

d21c293f5ad45ac56854fb2711e93dea597038c90b722bcfe0fe6713799dd3682bcf4f950b892261db00bcc9a0147592587477baf5ab1b14056ee71284c9292d
SSDEEP

1536:PGSUmzHnbLvDa9uuzU/6ah9yKAZV1p0IkZl6:PC47XUAiaqLZPp1kq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fc0b8c201a1a4c286f854d1b36b9f96

Files

8fc0b8c201a1a4c286f854d1b36b9f96
.exe windows:4 windows x86 arch:x86

1a393a2f1e45d5eaf36714c6f59de495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GetCommState
RaiseException
DeleteAtom
ClearCommBreak
GlobalCompact
EnterCriticalSection
LoadResource
GetOEMCP
GetProcessHeap
GlobalFree
GlobalFindAtomA
ExitThread
LoadLibraryExA
GetStdHandle
GlobalAddAtomA
LocalSize
VirtualAlloc
GlobalLock
lstrcpyn
CloseHandle

user32

GetForegroundWindow
GetWindow
ReleaseDC
RegisterClassA
ShowWindow
GetFocus
GetClassInfoExA
BeginPaint
GetParent
GetClassNameA
CloseWindow
GetWindowTextA
GetActiveWindow
GetDC
GetWindowTextLengthA
ValidateRect
DrawEdge
IsIconic
EndPaint

wsock32

WSAAsyncSelect
WSAGetLastError
WSAIsBlocking
WSACleanup
WSAStartup

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ