b8c18b603b4679f0e0929cd450de72ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8c18b603b4679f0e0929cd450de72ad
Size

11KB
MD5

b8c18b603b4679f0e0929cd450de72ad
SHA1

dfc1faae839f7f701656f7e659d15cfcd9378bbe
SHA256

5defa7df96a9cf053adb7ad62a54456f42e09b80e78dde9f5a5cacc6d764bd94
SHA512

59873a714184f42a2cf2a73f0dc1357763f9e3637a7f8dba1cb28007bc847ea4a6eacdd1ba49053223083592cebace142f5abbb17251be00863bf9321f24fe85
SSDEEP

192:VZ4sJhiQrpYmF4q4HvnqdQn1GigPbO9bMY687h35giaZ00N9U/fkx:VTJFq+4HJ1HRMbAm94fkx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c18b603b4679f0e0929cd450de72ad

Files

b8c18b603b4679f0e0929cd450de72ad
.exe windows:4 windows x86 arch:x86

8cc019d1a7d4e0151a2f930051d6de49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

lstrcmpiA
GlobalAlloc
GetProcAddress
GetModuleHandleA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
lstrlenW
OpenProcess
GlobalFree
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
lstrlenA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
HeapFree
VirtualFree
CloseHandle
VirtualAlloc
Sleep
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapSize

user32

wsprintfW

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ