8f784b08c60d8ac62fd3302b3e88e1cd36f0ce8c426d74066bdd29ffbc8e1989N[.]exe

General

Target

8f784b08c60d8ac62fd3302b3e88e1cd36f0ce8c426d74066bdd29ffbc8e1989N.exe
Size

248KB
MD5

b15cbc69ae6d678bc84abbc24b49d520
SHA1

3da46cf17425de150429612eeec038771465866f
SHA256

8f784b08c60d8ac62fd3302b3e88e1cd36f0ce8c426d74066bdd29ffbc8e1989
SHA512

a17269c318f63371561b2ae90e3114af8f0b0824e53a96538d5af1c97a17262d0c28d08394cad70067f6dc88282f2b8bd3cd69dda6a5f1a847ca58eca29c187c
SSDEEP

3072:taEZWj7MjLm4xNq5qg606u9YKuGmUKGOtdnVF8SYbQRtKX3lywX98qsQI+AXn:f2tvKXLViSYeKXVyl8I+AXn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f784b08c60d8ac62fd3302b3e88e1cd36f0ce8c426d74066bdd29ffbc8e1989N.exe

Files

8f784b08c60d8ac62fd3302b3e88e1cd36f0ce8c426d74066bdd29ffbc8e1989N.exe
.dll windows:4 windows x86 arch:x86

50f7feed7f7619fedc0f072dfb4b5a63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

b:\source\source.YB\67160\Release_WDMAT_391\wx\Win32\Release\wd190mat.pdb

Imports

msvcrt

_lfind
_wcsicmp
fabs
log
pow
_HUGE
ceil
bsearch
_initterm
_adjust_fdiv
atof
vswprintf
wcscat
memmove
isxdigit
_wcsupr
_fcvt
wcschr
realloc
??2@YAPAXI@Z
??3@YAXPAX@Z
_wtoi
swprintf
wcsncpy
strncpy
wcslen
wcscpy
malloc
floor
free
_CIasin
_CIacos
__CxxFrameHandler
_CIexp
_CIpow

kernel32

GetLastError
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
LocalFree
FormatMessageW
GetCurrentThreadId

Exports

Exports

CommandeComposante
Execution
InfoComposante
TermLibrary
bInitLibrary
bInitWLCalcFromVM
bInitWLConvFromVM
pQueryProxy

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50f7feed7f7619fedc0f072dfb4b5a63

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 12KB - Virtual size: 10KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 112KB - Virtual size: 112KB