b8b35297a36f31d49592382907d6af7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8b35297a36f31d49592382907d6af7f
Size

186KB
MD5

b8b35297a36f31d49592382907d6af7f
SHA1

252f686c40cfbbae93452c8bccae45379d63d1e3
SHA256

d42afa111953fe6daf4befcc24c0b2292b10ad43ca059e69797bf5b5fa49a4b6
SHA512

58022271b4c1b06c9a904a388efc358cee5bbd1a7f9bceb334e478939968bb2faa84cb74c02cf7760b6f017ec153278ab98c25da426d530d04a60103cc8210ca
SSDEEP

3072:mdbVlL/jdHk3BcY2TS3Qz514CioPge8kT6pnJtxHoyzXhbcDIYPy7uaV0oHuh+6K:eH7ju24nUE2ozx4DVa7uaVHHuh+NdXei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8b35297a36f31d49592382907d6af7f

Files

b8b35297a36f31d49592382907d6af7f
.exe windows:4 windows x86 arch:x86

9cddbb7f0aef6b47b9f0fb326b36d412

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
VirtualProtect
WaitForMultipleObjects
GetModuleHandleA
AddAtomA
CompareFileTime
lstrlenA
HeapReAlloc
LoadLibraryExW
CloseHandle
InterlockedExchange
GetStdHandle
GetTickCount
SuspendThread
GetSystemDefaultLangID
GlobalUnlock
HeapCreate
WaitForSingleObject
GetVersion
GetProfileIntA
GetCommandLineA

user32

DragObject
GetKeyState
DispatchMessageA
CreateMenu
GetCursorInfo
DialogBoxParamA
CreateCaret
DrawCaption
InsertMenuA
SetPropA
GetDlgItem
SetScrollInfo
IsDialogMessage
CopyImage
FindWindowA
InvertRect
DestroyMenu
CreateIcon
MessageBoxA
SetWindowPos
CopyRect
CreateCursor
EnableScrollBar
GetKeyboardLayout

advapi32

RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ