c8f31ae396fd1ca665a226d6a7e17373 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8f31ae396fd1ca665a226d6a7e17373
Size

362KB
MD5

c8f31ae396fd1ca665a226d6a7e17373
SHA1

dc834b3e0b727ab0aa6116bedac6ec8f098cab66
SHA256

8418657ebc3cfc42b75dd9571ce9e975d060ec7357b3d3c8ff857b41da09b781
SHA512

cbc90d0a174f286b27c1bc0ef2f05ce2a1883a90ed3f803788d5c30e58cb0bc481a35771f0c9435580b39c202eac1dd04ea897a98479b2be7fc698b730402376
SSDEEP

6144:iW3gnMKsySSJILQfyHQwHawBXHmv/o+7M41bO+9Wrb:iW3Qjs9Qfy3HawB+QIq+9W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8f31ae396fd1ca665a226d6a7e17373

Files

c8f31ae396fd1ca665a226d6a7e17373
.exe windows:4 windows x86 arch:x86

bec9ae48cc1d2ffa80c8fba6e5f5aea3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CloseHandle
DeleteCriticalSection
GetExitCodeProcess
GetDriveTypeA
GetVolumeInformationA
EnumResourceTypesA
SearchPathA
GetTickCount
FindClose
ReleaseMutex
Sleep
FreeConsole
TlsGetValue
GetComputerNameA
GetCommandLineA
GetModuleHandleA
GetLastError
VirtualProtect
CreateMutexA

shell32

StrChrA
DragAcceptFiles
SHAlloc
SHGetSettings
ShellMessageBoxA
SHGetNewLinkInfo
ShellAboutA
DragQueryFileA
SheChangeDirA
DragFinish
DragQueryPoint
SHGetMalloc
SHFree
SHGetDiskFreeSpaceA

glmf32

glsAppRef
glsComment
glsBlock
glsChannel
glsBinary

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ