8f2f40236ce47e428555eef8eaece304d151cf01a89f44f1580f9715fcc3aa77 | Triage

Sharing

General

Target

8f2f40236ce47e428555eef8eaece304d151cf01a89f44f1580f9715fcc3aa77
Size

2.0MB
MD5

500749248df8f98fc6389a64fc1983e0
SHA1

fcae49b38aede6e80826912098e6fd1ef6a93814
SHA256

8f2f40236ce47e428555eef8eaece304d151cf01a89f44f1580f9715fcc3aa77
SHA512

4723c979905a630aa857bb81c358e1a4e28dc43963726afacb9b5b94b57310c143505186adf1c85bffbea977a0e2046152b861761308a796f7d3209d23409676
SSDEEP

49152:PlnHcz+qHa2EBGMMaqNozLbdIMEBk7ZS:VHUo4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f2f40236ce47e428555eef8eaece304d151cf01a89f44f1580f9715fcc3aa77

Files

8f2f40236ce47e428555eef8eaece304d151cf01a89f44f1580f9715fcc3aa77
.dll windows:5 windows x86 arch:x86

efe76c1321e89ca7b8bbb27586b7e0d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteExW

kernel32

Process32FirstW
GetStringTypeA
GetBinaryTypeA
GetModuleFileNameA

oleaut32

SafeArrayGetVartype

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.code
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=trogt5
Size: 604KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ