de8e57ce36c3b6d7a08e9d8291d64f34 | Triage

Sharing

General

Target

de8e57ce36c3b6d7a08e9d8291d64f34
Size

274KB
MD5

de8e57ce36c3b6d7a08e9d8291d64f34
SHA1

eb9dc8c686c18c4d88bcbc74805cf73a4f760122
SHA256

c069224235b4f48f9835b50a00d791a0d2e98a34c2073b60a51aea2e1c9bfbd2
SHA512

59df4e64cf95770a4e64990f8346c9f9376fcfd31d2c8c3bca315683c70959b1a5f4c0f8d7e4a3d389e87bf384133c83b7c0b2ba68838bea9ba33fa572cd74ed
SSDEEP

6144:5dZ8oLDWKzjZcYrieLvzbNqWf2WeNR51WHhDxw2Qvgx4:7LpzjeWLfmRHMhDxw2n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

de8e57ce36c3b6d7a08e9d8291d64f34

Files

de8e57ce36c3b6d7a08e9d8291d64f34
.exe windows:4 windows x86 arch:x86

6ca8116d2eae880ce976010c9bb6deab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetTimeFormatA
GetDateFormatA
GetACP
TlsAlloc
VirtualAlloc
GetOEMCP
GetConsoleOutputCP
IsValidCodePage
SetFilePointer
EnumResourceTypesA
RtlUnwind
HeapReAlloc
TlsGetValue
GetLocaleInfoA
MultiByteToWideChar
TlsSetValue
IsSystemResumeAutomatic
WriteConsoleA
HeapSize
GetCPInfo
SetStdHandle
RaiseException

version

GetFileVersionInfoA

shell32

SHDefExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ