8fb0ef50f3311902f675d1aeaf1ad9af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fb0ef50f3311902f675d1aeaf1ad9af
Size

39KB
MD5

8fb0ef50f3311902f675d1aeaf1ad9af
SHA1

1cfa4a0a2417355f11cb3b552ad23254af6e10fd
SHA256

c62ce8169432ed0a68ac7bd04c76e1cbc01b9e62a7644e7d49fe1a64abc63854
SHA512

8831e788d6b510f648f27bc9d1c457b2706319d9d70ca338f523957b8a1d44572028da4974fd172dd2d447448c1f83ddc7528df71178f71096371765a741a06d
SSDEEP

768:TdhXt1n4UiFc7MhA6BWMOzn3esgwhnomDyPaFQZDXHAg:7uc74EuMhDyPaeXAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fb0ef50f3311902f675d1aeaf1ad9af

Files

8fb0ef50f3311902f675d1aeaf1ad9af
.exe windows:4 windows x86 arch:x86

4cb89564147137d5b233e46cce0f1666

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
DebugBreak
ExitProcess
GetSystemDirectoryA
GetTapeStatus
GetTempFileNameW
GlobalReAlloc
SearchPathA
WriteProfileStringW

advapi32

ClearEventLogW
ConvertSecurityDescriptorToAccessNamedW
CreatePrivateObjectSecurity
CryptVerifySignatureW
DeleteAce
GetMultipleTrusteeA
IsValidAcl
LogonUserA
ObjectCloseAuditAlarmW
OpenEventLogA
OpenProcessToken
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyW

user32

CharToOemBuffA
EnumDisplayDevicesA
FindWindowA
GetClassInfoA
GetListBoxInfo
IsIconic
LoadCursorFromFileW
RedrawWindow
SendIMEMessageExA
SetCaretBlinkTime
SetScrollRange
SetWindowTextA
ShowCursor

shell32

DllGetVersion
DragQueryFileAorW
ExtractAssociatedIconExW
ExtractIconA
ExtractIconExA
ExtractIconResInfoW
PrintersGetCommand_RunDLL
RegenerateUserEnvironment
SHAddToRecentDocs
SHEmptyRecycleBinW
SHFileOperationW
SHGetMalloc
SheChangeDirW
SheFullPathA
ShellExecuteEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE