b8d1136879bde47d49971bc652371f42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8d1136879bde47d49971bc652371f42
Size

255KB
MD5

b8d1136879bde47d49971bc652371f42
SHA1

b31ef71d05e225bbeedf715fd54d4f3da2aa9951
SHA256

4f4d719ccf333894f208eb07d392e5ec0cd75b5d328cc8435ac6b3fe5e531f0d
SHA512

3180ed9e5781d9dcd867f2e739aeee10c10d37f83b5d9365befeb0a84eb17ad52bc04bc781657d38b4785cd5f1a96eef9d542a36fd7156e08d422a10f3fadec8
SSDEEP

6144:om76xkv0MyMdRD/k3NTdXvBpuFGxQULzJPYddx:D76WVdF/k33usNYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d1136879bde47d49971bc652371f42

Files

b8d1136879bde47d49971bc652371f42
.exe windows:5 windows x86 arch:x86

59d903225268e30dcff6f517be13f9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateProcessW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
GetTempFileNameW
lstrcpyW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
GetTempPathW
GetFileSize
lstrcmpA
DeleteFileW
MoveFileW
CopyFileW
GetCommandLineW

shell32

CommandLineToArgvW

Sections

.data
Size: 255KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE