8b99b88091d5161ffa40cbb729045520N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b99b88091d5161ffa40cbb729045520N.exe
Size

6.9MB
MD5

8b99b88091d5161ffa40cbb729045520
SHA1

dd791a70a64d816cac4410ff3e8e691055482f2a
SHA256

1e1a65f869467c2f2e1c29d6e0dac77af2885f584504da62babbb17659a9e62a
SHA512

a39da5ef9e3fbe0f57a7256610db3b93ca1ee50d86e248f45aa5cff0cab5e51cd52912a4f669bde049ad0fe026ebc76bb4c4823f0361e855b57eebce94eac044
SSDEEP

196608:HAWi5/GjMXcuuwyIrCKqhA2VolQb2INYwsji:g7/EMXpufaNMAblg2IL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b99b88091d5161ffa40cbb729045520N.exe

Files

8b99b88091d5161ffa40cbb729045520N.exe
.dll windows:6 windows x86 arch:x86

24791dbcd89b6cc83d0d40b6620ed29e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3dx9_43

D3DXMatrixScaling

kernel32

OpenEventA

user32

PtInRect

discord_game_sdk

DiscordCreate

Sections

.text
Size: - Virtual size: 566KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V_Y
Size: - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eVe
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XQ.
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ