8b6e1831c9d954605fa504e03a0d91b5091253827abd68c18479584f44acd10e

Sharing

Copy URL

Twitter E-mail

General

Target

8b6e1831c9d954605fa504e03a0d91b5091253827abd68c18479584f44acd10e
Size

960KB
MD5

b63aa3120f4e31d0aa5ad70ac3dc6613
SHA1

010ca4f43956127221f89718250d03d78e82f33e
SHA256

8b6e1831c9d954605fa504e03a0d91b5091253827abd68c18479584f44acd10e
SHA512

63b7d11f7c7275f5d8eef93ff22fa285adec6c4a264598a62a514b311a184cc2fdc35532a852c6a7119c2629bbe629e7ec4ef17e7801f9a1dd3bade959a45fc8
SSDEEP

24576:uHzLPM7YC8xNQm3cD/cu89jZwUDxgFH3yuiQaXE:uHXMN8xNQlId9+UVgFH3ylbXE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8b6e1831c9d954605fa504e03a0d91b5091253827abd68c18479584f44acd10e

Files

8b6e1831c9d954605fa504e03a0d91b5091253827abd68c18479584f44acd10e
.exe windows:5 windows x86 arch:x86

fe4f539970b07eb9796a8165a22bdbb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetWindowLongA

gdi32

ScaleWindowExtEx

winspool.drv

ClosePrinter

advapi32

RegSetValueExA

shlwapi

PathFindFileNameA

oleaut32

VariantClear

Sections

oHxMxvR?
Size: - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

cHvTmy=O
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OYpxW[D7
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DXWYF;*?
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

JetbW1cy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f+OPIC#5
Size: - Virtual size: 790KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

?eKk&&32
Size: 885KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

>G@J2pX(
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe4f539970b07eb9796a8165a22bdbb3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

oHxMxvR? Size: - Virtual size: 145KB

cHvTmy=O Size: - Virtual size: 32KB

OYpxW[D7 Size: - Virtual size: 23KB

DXWYF;*? Size: - Virtual size: 15KB

JetbW1cy Size: - Virtual size: 4KB

f+OPIC#5 Size: - Virtual size: 790KB

?eKk&&32 Size: 885KB - Virtual size: 885KB

>G@J2pX( Size: 74KB - Virtual size: 76KB

oHxMxvR?
Size: - Virtual size: 145KB

cHvTmy=O
Size: - Virtual size: 32KB

OYpxW[D7
Size: - Virtual size: 23KB

DXWYF;*?
Size: - Virtual size: 15KB

JetbW1cy
Size: - Virtual size: 4KB

f+OPIC#5
Size: - Virtual size: 790KB

?eKk&&32
Size: 885KB - Virtual size: 885KB

>G@J2pX(
Size: 74KB - Virtual size: 76KB