c8a9ee6526205316037cbf8dd6bc7e0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8a9ee6526205316037cbf8dd6bc7e0d
Size

193KB
MD5

c8a9ee6526205316037cbf8dd6bc7e0d
SHA1

779c79fbeaa50b4b2d22613c3babc7e8114f87b0
SHA256

81732d84743e66e08c03c803d5317758e4528a76871f047844864a09ed99f3e4
SHA512

179fdd66e3622871e8f5da14cb4d58f2a1bf03c38e55cee1faadcac9e7a71c983f621190197d828e579500760f1e31d62e9c4201d258ed93c9949cad0c933795
SSDEEP

3072:zZp4h/nPra8G8XcL5onsUENACypb9jPpKPWkxE3hoXTCYyfhHE0c5bjetFB:zZp41m8G8KkP9pdPpWWeEuTl5fetF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a9ee6526205316037cbf8dd6bc7e0d

Files

c8a9ee6526205316037cbf8dd6bc7e0d
.exe windows:4 windows x86 arch:x86

6fb34a4de9e803fd8af7aa6a7667adeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
ExitThread
ExitProcess
VirtualAllocEx
IsBadReadPtr
IsBadHugeReadPtr
LoadLibraryExA
GetCommandLineA
GetModuleHandleA
GetProcAddress
lstrlenA
GetCommandLineW
GetLastError

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ