8f5a409d61edcf6328d24fed21d9ea3c02140ef397bfc27826c29eb64e801b9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f5a409d61edcf6328d24fed21d9ea3c02140ef397bfc27826c29eb64e801b9c
Size

276KB
MD5

734875b2ae2ee4280c425e02db5253bf
SHA1

62871348d5a9239085cfb90021f4e22fdd369f55
SHA256

8f5a409d61edcf6328d24fed21d9ea3c02140ef397bfc27826c29eb64e801b9c
SHA512

023dc782980de9c2ddc595bb182f36da2cb6909fa79df97c6f4e5a68730da0becd7d9fb7ec0c71a9bf8957015193117fcda8e24bddae28cf30afe2bf5e64553c
SSDEEP

6144:hsIeHBGvKMuBtbfxoU1fpWbWhzub0MUrwM3IVSk:mITqbfxoU1fUbgFbwMYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f5a409d61edcf6328d24fed21d9ea3c02140ef397bfc27826c29eb64e801b9c

Files

8f5a409d61edcf6328d24fed21d9ea3c02140ef397bfc27826c29eb64e801b9c
.dll windows:4 windows x86 arch:x86

e86abfd82e037fa4b5727619a053b229

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
SetNamedPipeHandleState
GetDateFormatW
WritePrivateProfileStructA
lstrcmpiA
ReadConsoleOutputCharacterA
GetNamedPipeHandleStateW
FindNextChangeNotification
GlobalAddAtomW
LoadLibraryA
RaiseException
GetLastError
InterlockedExchange
LocalAlloc
GetProcAddress
FreeLibrary

secur32

ApplyControlToken
VerifySignature
QuerySecurityPackageInfoA

Exports

Exports

DiskRemove
ElementMindLatest
ExpansionDynamic
GetEfficientMight
PersistentSituation
ReturnPartString
RunRemovalInheritance
SucceedNetwork

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ