3f4e259a4c12a82094240ee2c77c43aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f4e259a4c12a82094240ee2c77c43aa
Size

1.5MB
MD5

3f4e259a4c12a82094240ee2c77c43aa
SHA1

7af1cd1b6550efb56b8871713d57e1224c5c4bf6
SHA256

6df9af2cbf92d9ef2969b698bf0a3dd51f55ae6e9f05a1d44672811c8fb351fb
SHA512

a33bd189132f598aa6699063d94b719ea051fa1f88dbb3550907c30c648e87a2dc5d9c8c39241e92b1be5a4a7f3b94ec2f69d90d9a7ea6756180bc996ca987db
SSDEEP

49152:VRak2n2iMrKguQBHPVSeryklJJjMgtyIg5X:V0kpLRMeeAJjNtyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f4e259a4c12a82094240ee2c77c43aa

Files

3f4e259a4c12a82094240ee2c77c43aa
.exe windows:4 windows x86 arch:x86

a66379592fff67299e5c5b8a1b968bf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoTaskMemAlloc
CoCreateInstance

kernel32

GetCommandLineW
GetCurrentProcess
GetConsoleCP
GetCPInfo
GetCurrentProcessId
GetUserDefaultLCID
GetTickCount
GetUserDefaultLangID
GetSystemDefaultLangID
GetCurrentThreadId
GetCurrentThread
GetModuleHandleW
GetVersion
GetLastError
GetSystemDefaultLCID
HeapAlloc
GetProcessHeap
LeaveCriticalSection
GetEnvironmentStringsW
FormatMessageA
WideCharToMultiByte
HeapDestroy
SetUnhandledExceptionFilter
InterlockedExchange
VirtualQuery
ReadFile
HeapCreate
InitializeCriticalSection
GetStringTypeA

Sections

.text
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ