Static task: static1
Behavioral task: behavioral1
Sample: b8a8fc6daa4f44769ac89665892b251e.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b8a8fc6daa4f44769ac89665892b251e.exe
Resource: win10v2004-20240226-en
General
Target: b8a8fc6daa4f44769ac89665892b251e
Size: 186KB
MD5: b8a8fc6daa4f44769ac89665892b251e
SHA1: 0e560ad56a90a8e7cff54758feac67df9e0be52d
SHA256: a0fcc5c1e22e8b2ab756199f5eb3cd18b9c1896595b7957d36424beae09125ef
SHA512: c8b8b9afc623742b36fc2c9191eec70bd82fb8b602997b3f2686164aedd8d3caaecf75bc566012f7179b36ec603025bd35cffed411c429add2bbf19d08758652
SSDEEP: 3072:RzJdv4VC3UE+1CFukrAIWCaNImAjJSbrLnHu2F7egzuh0:9vNU0rrTWLGNSbrLnH2EuS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8a8fc6daa4f44769ac89665892b251e
Files
b8a8fc6daa4f44769ac89665892b251e.exe windows:4 windows x86 arch:x86
619803044e09e00b6216d5ae1266724c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GlobalGetAtomNameW
HeapSize
TlsGetValue
SetStdHandle
GetLocaleInfoA
TlsAlloc
GetCPInfo
MultiByteToWideChar
GetOEMCP
TlsSetValue
EnumResourceNamesA
SetFilePointer
GetACP
GetModuleHandleA
GetTimeFormatA
GetDateFormatA
VirtualAlloc
IsValidCodePage
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetFileInfoW
SHGetPathFromIDListW
DragAcceptFiles
Shell_NotifyIconW
Sections
.text Size: 86KB - Virtual size: 225KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ