c8e8105b9de5f58b459502d5c108ea35

Sharing

Copy URL Twitter E-mail

General

Target

c8e8105b9de5f58b459502d5c108ea35
Size

81KB
MD5

c8e8105b9de5f58b459502d5c108ea35
SHA1

dbbc16172e72ccbf8dfcaadd077d72a4ae7f1b7e
SHA256

c269b292a4b5a9d4dce540b4c3429acac2c4f2091d9948a92342c034d154aa07
SHA512

016905cdd9c0087a248b41896cc251cec4ca5048f8e3fb5bc0715c42ac17f067e9252e0b53d2d017b89bfe756acd5608ad061d4d3d6f4b9a269825eea3601d5a
SSDEEP

1536:WNdZWTh3DqcuiaJxrOyqwY5XRdE1e5OA7oiiY5:+ZkDBhdEA5OooiJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e8105b9de5f58b459502d5c108ea35

Files

c8e8105b9de5f58b459502d5c108ea35
.exe windows:4 windows x86 arch:x86

39847ad30ed7afc591f6dfae553de579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
OpenMutexA
GetExitCodeThread
GetModuleHandleW
GetPrivateProfileStringA
MapViewOfFileEx
GetModuleHandleA
CreateFiber
ExitProcess
GetLastError
GetDriveTypeA
GetCurrencyFormatW
GetFileSizeEx
GetProfileSectionA
GetWindowsDirectoryA
GetStringTypeExW
MultiByteToWideChar
GetTimeFormatW
GetModuleHandleA
RemoveDirectoryA
LoadLibraryA
GetModuleFileNameA
SetEndOfFile
GetSystemDirectoryW
CreateFileW
OutputDebugStringA
DeleteFileA
InitializeCriticalSection
VirtualProtect
VirtualAlloc
GetEnvironmentStrings

msvcrt

getchar
_strset
memcpy
_getdrive
_mbsicoll
_HUGE
ftell
_wcsnset
_fdopen
isspace

user32

DrawTextW
GetMenu
ModifyMenuA
MessageBoxW
OpenDesktopA
RegisterClassExW
TrackPopupMenu
GetClientRect
SendMessageW
InvalidateRect
InsertMenuItemW
ShowWindow
LoadStringA
MonitorFromWindow
AdjustWindowRect
GetWindowTextW
PostMessageW
LoadStringW
GetWindowPlacement

gdi32

SetTextColor
CreateRectRgn
SetViewportExtEx
GetTextMetricsW
SetBrushOrgEx
CombineRgn
SetStretchBltMode
SetBkColor
LineTo
GetNearestColor
GetDIBits

Exports

Exports

Lugnk
XnUulplgAhl
KlFxjzngMyedqzByvabkkPqq
EtnSqszukTwnvyWuh
EaexhoTogoje

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39847ad30ed7afc591f6dfae553de579

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 1KB - Virtual size: 1KB

.debug Size: 1KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 1KB - Virtual size: 1KB

.debug
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 64B