Static task
static1
Behavioral task
behavioral1
Sample
b8c47b330f9efbf6f58af0bfa2220ca7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b8c47b330f9efbf6f58af0bfa2220ca7.exe
Resource
win10v2004-20240226-en
General
Target
b8c47b330f9efbf6f58af0bfa2220ca7
Size
186KB
MD5
b8c47b330f9efbf6f58af0bfa2220ca7
SHA1
14b79d2289940f0d177fc8b53281711194e0f1a8
SHA256
3fc3578621cf6509bb59fc848297f4c736d31970a76f6d8e5f5e6c3361cc3e93
SHA512
df00de710bdc0f7590a855dad4351792ada77d34484fefaa7f47df46bda87fa70892c5af3ab5c7b9d920c00c891746a6ba558c75f5c2493b538a0633ab4996ac
SSDEEP
3072:Y8EglrCXIhXgMpSZop7qFRCFOOW3v28dvmtbBaimLh/aKK8oYlnbE9j:Y8EirCXItDpS+SlOiximsKK8oYlA9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8c47b330f9efbf6f58af0bfa2220ca7
Files
b8c47b330f9efbf6f58af0bfa2220ca7.exe windows:4 windows x86 arch:x86
e77db810d938131cb9007eba22e74022
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
GetCPInfo
GlobalGetAtomNameW
HeapReAlloc
MultiByteToWideChar
GetACP
GetDateFormatA
SetFilePointer
GetOEMCP
VirtualAlloc
GetConsoleOutputCP
GetTimeFormatA
EnumResourceNamesA
RtlUnwind
TlsAlloc
GetLocaleInfoA
IsValidCodePage
GetModuleHandleA
HeapSize
SetStdHandle
TlsSetValue
WriteConsoleA
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
ShellExecuteW
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragAcceptFiles
SHGetFileInfoW
ShellExecuteExW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
SHAppBarMessage
Shell_NotifyIconW
Sections
.text Size: 87KB - Virtual size: 231KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ