8fba99a9c714e606c9a163a693dae05a | Triage

Sharing

General

Target

8fba99a9c714e606c9a163a693dae05a
Size

383KB
MD5

8fba99a9c714e606c9a163a693dae05a
SHA1

b35f0821f4bce88e9171475adf2aa8afb76a79c1
SHA256

7a0d79f145e23c58c9188166476108e0216d891a17936e496e83fbaf8d41e03d
SHA512

e771fa42489e4390aeba803955dc165d548310d0cbe8b9b33854e7310b738f4a9696286aad70079cac849334c8e4462f650359ba56cc3b03f1da5ea6f549dd75
SSDEEP

6144:q/a2EdJZOQ0ojV26Pm9ABpKS91RfYx/g2GcBZBAjbKlbE0WrHZg6mtgPYbJN+:qSfZOQTV09ApdzRgxY2bvAjbgADFg6mz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fba99a9c714e606c9a163a693dae05a

Files

8fba99a9c714e606c9a163a693dae05a
.exe windows:4 windows x86 arch:x86

4d8e9e06f8e51550e3e5089179e9846d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA

Sections

CODE
Size: 251KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mmym
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Wuya.
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ccg
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE