8ffd411f17e5f635460c280691fa4c27 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ffd411f17e5f635460c280691fa4c27
Size

177KB
MD5

8ffd411f17e5f635460c280691fa4c27
SHA1

3ee8109a03767b8df8f8c8d3b74379be141db65e
SHA256

832c127ae783b117ba739471d981d5beb0f84c9712c53c56ad5acab4ba9e47e8
SHA512

bb59873dd155401bf2b3ae1f76431de4f23edb85c10e4bc308d921a325fb632e196fdcf7ee8fbfd5f6af993212ac5f6bf850593d165ab05cd7848589c90cf7e5
SSDEEP

3072:6/Ls3XEv+PLnfBe3fv7gteUjNfexsbCMqHRKG7IrMFU6E+Y2nNWzO:9EvUfBin7g7IaG1gEleyWzO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ffd411f17e5f635460c280691fa4c27

Files

8ffd411f17e5f635460c280691fa4c27
.exe windows:4 windows x86 arch:x86

24f371041c94c41aacc2b91aca89dd3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
HeapReAlloc
GetTickCount
GetVersion
GetSystemDefaultLangID
GetCommandLineA
AddAtomA
CompareFileTime
GetModuleHandleA
GetStdHandle
GetProfileIntA
WaitForMultipleObjects
HeapCreate
VirtualProtect
GetConsoleCP
LoadLibraryExA
SuspendThread
lstrlenA
WaitForSingleObject
InterlockedExchange
GlobalUnlock

user32

PostMessageA
GetKeyboardLayout
EnableScrollBar
InsertMenuA
DispatchMessageA
GetMenuStringA
MessageBoxA
ShowWindow
CreateCursor
FindWindowA
SubtractRect
TranslateMessage
CopyRect
CreateCaret
PaintDesktop
DialogBoxParamA
SetWindowPos
DestroyMenu
ModifyMenuA
GetDlgItem
GetWindowTextA
SetPropA
EqualRect
GetKeyState
UpdateWindow

atl

AtlGetVersion
AtlAdvise
AtlModuleInit
AtlUnadvise
AtlSetErrorInfo

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ