8ffa4e0bcc37f03977ee0eb77dae2639cf360bfadfaead0b0fc304d1dbd8a78f

Sharing

Copy URL

Twitter E-mail

General

Target

8ffa4e0bcc37f03977ee0eb77dae2639cf360bfadfaead0b0fc304d1dbd8a78f
Size

6.7MB
MD5

50385df19f957b903a16162568d5d844
SHA1

6299602980a42b3b36268581d9f5c1c95edc0c68
SHA256

8ffa4e0bcc37f03977ee0eb77dae2639cf360bfadfaead0b0fc304d1dbd8a78f
SHA512

b440643a8f8e135e2d14ed786e2d085ca5633e09a26eb9a6058d65fb85da071fffac68de0400a5f8a3d1fd58dbe7c36d4e6b5708213aab2f76117f7600cd0804
SSDEEP

196608:iLmZYVW6eOSuI1uJAfiV4Yh/DMsQadFuETY5Wd:iLmr+SuGuCf/w4sQadFuEMO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ffa4e0bcc37f03977ee0eb77dae2639cf360bfadfaead0b0fc304d1dbd8a78f

Files

8ffa4e0bcc37f03977ee0eb77dae2639cf360bfadfaead0b0fc304d1dbd8a78f
.exe windows:5 windows x86 arch:x86

fd1af9114e807b5802c78dd420d59f0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

TranslateAcceleratorW
CharUpperBuffW

advapi32

GetUserNameW

shell32

ShellExecuteExW

ole32

CoCreateInstance

oleaut32

SysAllocString

Sections

.text
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sn6
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.[)=
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.83&
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.&zv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.z9@
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd1af9114e807b5802c78dd420d59f0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: - Virtual size: 22KB

.rdata Size: - Virtual size: 9KB

.data Size: - Virtual size: 266KB

.sn6 Size: - Virtual size: 51KB

.[)= Size: - Virtual size: 3KB

.htext Size: - Virtual size: 4KB

.83& Size: - Virtual size: 3.7MB

.&zv Size: 1KB - Virtual size: 1KB

.z9@ Size: 6.6MB - Virtual size: 6.6MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 51KB - Virtual size: 50KB

.text
Size: - Virtual size: 22KB

.rdata
Size: - Virtual size: 9KB

.data
Size: - Virtual size: 266KB

.sn6
Size: - Virtual size: 51KB

.[)=
Size: - Virtual size: 3KB

.htext
Size: - Virtual size: 4KB

.83&
Size: - Virtual size: 3.7MB

.&zv
Size: 1KB - Virtual size: 1KB

.z9@
Size: 6.6MB - Virtual size: 6.6MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 51KB - Virtual size: 50KB