3f3b0c9aed0bad1867e8ec62fd7a67ef | Triage

Sharing

General

Target

3f3b0c9aed0bad1867e8ec62fd7a67ef
Size

14KB
MD5

3f3b0c9aed0bad1867e8ec62fd7a67ef
SHA1

1e4dd733408acaf16f846c831bd66106cef1d923
SHA256

55fff0e71fddd56dc442a902478eafd33e1f9d09f2024c95b73b70f94b0b0f96
SHA512

ba8d2ec4ce4ebc4823ee1c6834d304d4d19343bb9bd7ba4add2e56481ac886c63b0ef8838eed6d0d28abd46d41512738a6205423235d0b136be39cc918bbb154
SSDEEP

192:4hO3gDwKfDelbAE/jNW5YTUS/kooQqdKV2DDPetvluZn:xCTfEbAE/jVYGoKMPe5luZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f3b0c9aed0bad1867e8ec62fd7a67ef

Files

3f3b0c9aed0bad1867e8ec62fd7a67ef
.dll windows:4 windows x86 arch:x86

2e3042aac6d2fb5790fe0ad08dc722a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
GetCurrentProcess
GetCurrentProcessId
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
LoadLibraryA
TerminateProcess
OpenProcess
GetModuleHandleA
Sleep
GetPrivateProfileStringA
SetFilePointer
ReadFile
CloseHandle
GetFileSize
GetModuleFileNameA
CreateThread

msvcrt

__CxxFrameHandler
memcpy
_except_handler3
strcat
_vsnprintf
strcpy
strrchr
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
??3@YAXPAX@Z
malloc
strlen
strncpy
memset
free
??2@YAPAXI@Z

user32

wsprintfA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ