8fed4356233a8091297ac23c61edcede | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fed4356233a8091297ac23c61edcede
Size

62KB
MD5

8fed4356233a8091297ac23c61edcede
SHA1

ccc24373aa6d00a5628700d2252447b5da95671e
SHA256

0bfce2b056553bafaafbd7a1e5883bb85a4273edc4f13a348973c25375ca8620
SHA512

ff1cd463520073eba37b5bff2ddcf0b32016dcbd6408f2f660fd02fabc722e7c1236db412df1e7d69ef2e33adfbc986fa9dd61206957de683a462e099181c869
SSDEEP

1536:odFuWZB2h56hemqVPqKqPY7QFkdCBvAqrd/5ryF9U:WBZgh5MePqK7QFkdYvzR/5rr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fed4356233a8091297ac23c61edcede

Files

8fed4356233a8091297ac23c61edcede
.exe windows:4 windows x86 arch:x86

8bb7fd9161c7dd758b7f65da97e3dace

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
IsValidUILanguage
GetVolumePathNamesForVolumeNameW
GetConsoleAliasW
CreateJobObjectW
CompareStringW
ResetEvent
GetThreadLocale
IsBadStringPtrA
GetEnvironmentStrings
DosPathToSessionPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE