b8e71a5495916d44cc29b82ef1f620e0

General

Target

b8e71a5495916d44cc29b82ef1f620e0
Size

224KB
MD5

b8e71a5495916d44cc29b82ef1f620e0
SHA1

027f76213475178a623fa48d851b83b8515bc1b7
SHA256

c677a33110abcbce985a89b058259f7bba00cc61d712a23a6be966cc6f7add3b
SHA512

f15e1f3a325095ae6f4dbada66f7b651b27f00f713d99fa4e9f3e7ba512cad2679563e6d6b3b18bb361ce1e167f8ef5a448b8a80d3cf12120229fbe4b8d0e788
SSDEEP

3072:1Qb/BzGkD6PUWw7cM/c3ZLQAdwAkuojLQ8exB:1QDBzlsUncMOlQWkb/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8e71a5495916d44cc29b82ef1f620e0

Files

b8e71a5495916d44cc29b82ef1f620e0
.exe windows:4 windows x86 arch:x86

119d2b5ce6536bb9f8c29c809f8a43db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TransmitCommChar
GetDateFormatA
GetExitCodeProcess
IsBadCodePtr
lstrcmpi
GetConsoleSelectionInfo
GetProcessId
SetTimeZoneInformation
FindFirstFileExA
VirtualQueryEx
GetUserGeoID
SetCommMask
GetModuleFileNameA
GetThreadPriorityBoost
GetDriveTypeA
GetTempPathA
ReadConsoleOutputCharacterA
SetCalendarInfoA
LoadLibraryA
IsValidLocale
FreeConsole
GetExitCodeThread
GlobalFindAtomA
WaitForMultipleObjects
GetConsoleAliasesLengthA
FindFirstChangeNotificationA
lstrlenA
ExitProcess
OpenEventA
UnlockFileEx
ReadConsoleA
WriteConsoleOutputCharacterA
InterlockedDecrement
IsValidLocale
WriteProcessMemory
ReleaseMutex
LCMapStringA
GetCurrentProcess
GetCommMask
GetComputerNameA
OpenFileMappingA
GetLocalTime
OpenProcess
HeapFree
ReadConsoleA
SetConsoleMode
CreateDirectoryA
GetConsoleFontSize
GetProcessShutdownParameters
DeleteTimerQueueTimer
GetNativeSystemInfo
MulDiv
WaitCommEvent
GetSystemDefaultUILanguage
GetCalendarInfoA
CreateNamedPipeA
VirtualAlloc
SetConsoleWindowInfo
GetConsoleHardwareState
FlushFileBuffers
GetNumberOfConsoleMouseButtons
lstrcpyA
SetConsoleNumberOfCommandsA
Toolhelp32ReadProcessMemory
WriteConsoleA
SetCommBreak
SetFileAttributesA
GetModuleHandleA
RegisterWaitForSingleObjectEx
GetExpandedNameA
GetConsoleAliasExesLengthW
ConnectNamedPipe

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 212KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119d2b5ce6536bb9f8c29c809f8a43db

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 212KB - Virtual size: 488KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 212KB - Virtual size: 488KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB