c8a8c6ba8b5a130053866c5d0e9dd2ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8a8c6ba8b5a130053866c5d0e9dd2ba
Size

15KB
MD5

c8a8c6ba8b5a130053866c5d0e9dd2ba
SHA1

8e8f63c36ee96d8b8704fae64d59f73ce75ecd3e
SHA256

e9a4779a4d54d3ee782dd1de21defb9e15dd437e2c9baa49a9e1641acb380d07
SHA512

2fb401bfb15fbf6c52f79318d33f71486c0a5f20fe0d390de3e0e2602d8fea0e09dae7f464844fb2af8885e4dc21c4c4f8d1e2483bd62715656b59738da28baa
SSDEEP

384:7DUyCfTjbj4uB4oj4NUWmEBbXeYGwvJbN:7Dgj/B4Nm4nzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a8c6ba8b5a130053866c5d0e9dd2ba

Files

c8a8c6ba8b5a130053866c5d0e9dd2ba
.dll windows:4 windows x86 arch:x86

7a3005c5dca033ec9162e25e33a7c6c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallWindowProcW
RegisterClassExW
ReleaseDC
OpenIcon
LoadCursorFromFileA
InvalidateRect
ImpersonateDdeClientWindow
GetDC
wsprintfA

kernel32

InitAtomTable
lstrlenA
lstrcatA
SystemTimeToFileTime
SleepEx
Sleep
RtlMoveMemory
OpenMutexA
BeginUpdateResourceA
CloseHandle
CreateThread
DeviceIoControl
ExitProcess
ExitThread
FlushViewOfFile
GetCommandLineA
GetProcessHeaps
GetSystemTime
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryExA
LoadLibraryA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
GetFontResourceInfoW
SelectObject

Exports

Exports

fairvg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ