8fde9b31c183f0fd4180ef9b974f00fb

Sharing

Copy URL Twitter E-mail

General

Target

8fde9b31c183f0fd4180ef9b974f00fb
Size

56KB
MD5

8fde9b31c183f0fd4180ef9b974f00fb
SHA1

3944e8e68d403566414327a100f3b0118e809b0a
SHA256

ee9cdce94f547668dbd403324e749b7fe4265cb3759ff9cae9650cb9ef6c5b7b
SHA512

8631e1c9550a41d91ee999a6b2df72051cb61f427cc5b3ff50a6c8bd71cdd13c4886fa8a71f52dcc2857fa2fb2deb8fe54280af0c7b9596b2cd49642f7f58c3a
SSDEEP

768:pdfLtzrtJ+1W/W02VkY/v/sYnG1gpGusEVNxOU5bQoK1MT:nztLeOQH/sYn9sEVHOU5bfK1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fde9b31c183f0fd4180ef9b974f00fb

Files

8fde9b31c183f0fd4180ef9b974f00fb
.exe windows:4 windows x86 arch:x86

529ac5ec8d9f55fe42c00b50ddec8e6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sscanf
free
atol
memcpy
fopen
fseek
ftell
fgetc
fread
fclose
time
strcmp
strcpy
strlen
memset
sprintf
strcat

kernel32

FreeLibrary
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA
GetLastError
WriteFile
GetShortPathNameA
GetEnvironmentVariableA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
GetComputerNameA
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
lstrcpyA
lstrcatA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateThread
WritePrivateProfileStringA
GetSystemDirectoryA
WinExec
DeleteFileA
CreateFileA
GetFileSize
Sleep
GetProcAddress
GetModuleHandleA
LoadLibraryA
CloseHandle
VirtualProtect

Sections

.text
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.V1
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.V2
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

529ac5ec8d9f55fe42c00b50ddec8e6c

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: - Virtual size: 6KB

.rdata Size: - Virtual size: 2KB

.data Size: - Virtual size: 8KB

.V0 Size: - Virtual size: 1KB

.V1 Size: - Virtual size: 20KB

.V2 Size: 44KB - Virtual size: 41KB

.reloc Size: 4KB - Virtual size: 104B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 6KB

.rdata
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 8KB

.V0
Size: - Virtual size: 1KB

.V1
Size: - Virtual size: 20KB

.V2
Size: 44KB - Virtual size: 41KB

.reloc
Size: 4KB - Virtual size: 104B

.rsrc
Size: 4KB - Virtual size: 1KB