b8df97f5b8d03d2ef72d2821fbf7e1d9

Sharing

Copy URL Twitter E-mail

General

Target

b8df97f5b8d03d2ef72d2821fbf7e1d9
Size

179KB
MD5

b8df97f5b8d03d2ef72d2821fbf7e1d9
SHA1

af7617e32aeef843f946dfeedde85e6221f5fbc1
SHA256

39b8d22067a6f888c34492b3afe8da267553ac9be54fed88ef7dce970750a5dc
SHA512

d13ad59ac45552197c46018887381faed1bae8807fbfbd31d64f8c1170d32b1e5bdd824c8389635886ba6b71a43621d9f58da3c98181307001ff23a69144088a
SSDEEP

3072:TF4Ea2JArl3Vw5QUPYLqgoaWcPeaI0ckUTSJu31Hr7Yq:eEaaB5QjLqfaW+20ck2goHrMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8df97f5b8d03d2ef72d2821fbf7e1d9

Files

b8df97f5b8d03d2ef72d2821fbf7e1d9
.exe windows:4 windows x86 arch:x86

e042f6e81ef18432a1c25a5ecbdbc506

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageW
CharNextW
SetPropW
GetNextDlgGroupItem
MessageBeep
CharUpperW
RemovePropW
CopyAcceleratorTableW
GetClassInfoExW
WinHelpW
GetNextDlgTabItem
GetPropW
SendDlgItemMessageA
IsRectEmpty
GetClassLongW
InvalidateRgn
CreateWindowExW
InvalidateRect
SetRect
DestroyMenu

ole32

CoInitialize
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoTaskMemAlloc
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoTaskMemFree
CoCreateInstance
OleFlushClipboard
StgOpenStorageOnILockBytes
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

ExtTextOutW
GetDeviceCaps
PtVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
OffsetViewportOrgEx
GetBkColor
ScaleViewportExtEx
RectVisible
TextOutW
GetMapMode
SetWindowExtEx
ExtSelectClipRgn
Escape
SelectObject
DeleteDC
GetTextColor
GetRgnBox

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegQueryValueW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW

kernel32

DeleteFileW
MultiByteToWideChar
GetCurrentProcessId
GetCalendarInfoW
SystemTimeToFileTime
lstrcpyW
GetModuleFileNameW
LoadLibraryW
ReadFile
FindClose
GetSystemDefaultLangID
ConvertDefaultLocale
GetThreadContext
GetFileAttributesW
GetLocaleInfoW
EnumResourceNamesA
FindNextFileW
GetCurrentDirectoryW
LocalFileTimeToFileTime
InterlockedDecrement
SetFilePointer
WideCharToMultiByte
ExitProcess
SetFileTime
EnumResourceLanguagesW
MoveFileW
FindFirstFileW
CreateDirectoryW
RemoveDirectoryW
WriteFile
CreateFileW
GetVersion
GetProcAddress

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e042f6e81ef18432a1c25a5ecbdbc506

Headers

File Characteristics

Imports

user32

ole32

oleacc

gdi32

shlwapi

shell32

advapi32

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB