8ff365e9c8d693c48790b1e13ab58344 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ff365e9c8d693c48790b1e13ab58344
Size

206KB
MD5

8ff365e9c8d693c48790b1e13ab58344
SHA1

b445d211e75f8cd4177812d157c2a883c2b3d48a
SHA256

ec51af65cb836c7e48272b32aaee757f3eb74bd673c0edc712efc4aca130ff73
SHA512

45bfd69956ae04ec01b6b701ed1450d475e616ecd87f5c8b6725741ee1765bc2c11b6926771ac5598a333d249cbc28f784fc39301f0536d98642764bfbce180a
SSDEEP

6144:QOE0uuVK9uzOLapTiFVfJ/QiNdND1Wk4bH:u0fRoFVR/QiLvW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ff365e9c8d693c48790b1e13ab58344

Files

8ff365e9c8d693c48790b1e13ab58344
.exe windows:4 windows x86 arch:x86

ab3f4e8910c54eead07c9aa58a0ee425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDIBColorTable
BitBlt
GetClipBox
GetDCOrgEx

advapi32

RegEnumKeyExA
RegOpenKeyA
GetUserNameA
RegLoadKeyA

kernel32

LoadLibraryA
VirtualAlloc
GetProcessHeap
GetProcAddress
GetStartupInfoA
IsBadHugeReadPtr
ExitProcess
GetCommandLineW

ole32

StringFromIID
GetHGlobalFromStream
CoGetObjectContext

user32

ReleaseCapture
GetSysColorBrush
LoadBitmapA
RemovePropA
RemoveMenu
DrawMenuBar
ReleaseDC
EnableWindow
ScreenToClient
GetMenu
ScrollWindow

Exports

Exports

_r21_FRQ@12
P782m4J
ChXTJ65E
_IgwR7cFkOQ@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ