3f441cdf414fca395be69d12acbab705 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f441cdf414fca395be69d12acbab705
Size

8KB
MD5

3f441cdf414fca395be69d12acbab705
SHA1

d5b52e1525f3eb0635481148e0cc7961ce0c38ee
SHA256

30e983f501dd1b65b578f6e30f644c419492abdcffe34be7e32f001171b72cf9
SHA512

e4def1228896ded7d1a56e858ff43acdd4870de3822a14c9d06cc147b8e48da9bf9c061bc8db26a36062fa55e19962e51e719531d59759f208aa2a70cf6e3e6d
SSDEEP

192:eG2PqIvjiLNNUIfHebetfNNj84UCOqoF:eRPqIeLo2fNNj84ZOqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f441cdf414fca395be69d12acbab705

Files

3f441cdf414fca395be69d12acbab705
.exe windows:4 windows x86 arch:x86

3e648a8014e375d283249902ebbfbea3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetLocaleInfoA
GetModuleFileNameA
GetProcessHeap
GetFileTime
GetShortPathNameA
GetSystemTime
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
CreateFileA
ExitProcess
HeapFree
lstrcmpiA
SystemTimeToFileTime
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
GetEnvironmentVariableA
CloseHandle
CreateMutexA
HeapAlloc
GetWindowsDirectoryA
Sleep
GetCommandLineA
GetLastError

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
GetUserNameA

rasapi32

RasEnumDevicesA

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
HttpOpenRequestA
DeleteUrlCacheEntryA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE