c8db6cd9d18c20e76b81583c51a5c667 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8db6cd9d18c20e76b81583c51a5c667
Size

492KB
MD5

c8db6cd9d18c20e76b81583c51a5c667
SHA1

89e44ee371d1742f8e8bff38109adc5c8d81d079
SHA256

d04cdf2613079730815b68d2862d94c587c93e9eb9823909637a818af2dfddd5
SHA512

8f1ac3eee01f2741e82bdd894fbe6c6cf558529f1cc58c34f0545149f1472c9d96464ea1062118a970c2240d28ad1a6d78e8964bd02956d20d4e2f9844eb41ad
SSDEEP

6144:G8ScmxbzO1dkbGQuIpqiz7zbtN4xMofelkU6Z7HiTddQv2X2GGUW35MLi/j79T7S:G8nmxWvy7zAKofncdMa3JLi779XzZs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8db6cd9d18c20e76b81583c51a5c667

Files

c8db6cd9d18c20e76b81583c51a5c667
.exe windows:4 windows x86 arch:x86

5b4e5452bcd70b5695ce8ab39bdadb18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
FindClose
FindFirstFileW
GetLocaleInfoA
GetVolumeInformationW
GetFullPathNameW
CreateFileW
SetErrorMode
GetVersionExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
HeapValidate
IsBadReadPtr
RaiseException
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetStdHandle

msvcrt

_iob
_initterm
pow
fprintf
?terminate@@YAXXZ
exp
free
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ