9a8be64f75059e859fbaf5c82d0ec359 | Triage

Sharing

General

Target

9a8be64f75059e859fbaf5c82d0ec359
Size

196KB
MD5

9a8be64f75059e859fbaf5c82d0ec359
SHA1

241bcbcd24a2e66be0546ce8c5c07f6b1563ba00
SHA256

41333b088e1711fbae4940fdcd5d3e0b9455bb5dbb0d1a8e157830fa928cc962
SHA512

8988d065f1d3deb11df0afef171f1833961faf982ecbfb2f6dbb25a6339d0b453ccadf807e076a26d0b58413e735a4fc6aae0aba01e71a57e52b877258ff1675
SSDEEP

3072:gWmv3jbe2+0hJOZ4McNGNMWVwNezepOeaiczye:Q3hnNMMWoezepJazye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a8be64f75059e859fbaf5c82d0ec359

Files

9a8be64f75059e859fbaf5c82d0ec359
.exe windows:4 windows x86 arch:x86

0edd74c86f2d62b1c911278c7fd71fd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GlobalCompact
GetOEMCP
GlobalLock
DeleteAtom
LoadLibraryExA
GlobalFree
GetTapeStatus
ExitThread
GlobalFlags
FindAtomA
EnterCriticalSection
CreateHardLinkA
GetProcessHeap
FormatMessageA
GetCommState
ReadProcessMemory
ClearCommBreak
CloseHandle
VirtualAlloc
GetStdHandle

user32

ValidateRect
RegisterClassA
GetActiveWindow
GetFocus
CloseWindow
DrawEdge
EndPaint
GetClassNameA
ShowWindow
IsIconic
BeginPaint
GetWindowTextLengthA
ReleaseDC
GetForegroundWindow
GetWindow
GetWindowTextA
GetDC
GetParent
GetClassInfoExA

wsock32

WSAIsBlocking
WSAGetLastError
WSAStartup
WSACleanup
WSAAsyncSelect

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ