3f84ec768f0ba539f9c1834fe5227e36 | Triage

Sharing

General

Target

3f84ec768f0ba539f9c1834fe5227e36
Size

34KB
MD5

3f84ec768f0ba539f9c1834fe5227e36
SHA1

6fa65396b78e515197457c0bb33a04900d7dc1ad
SHA256

e6bedbb18f808fa009317634ffb2431f24b2f9bbd762f4e29e7194a3594328eb
SHA512

28628d71cf2fbf9f24876d45fd58a71f7901cf9ffd3050e9b339cef09f4c519638d71ee3ad8afffa3bf43686ee17b41a51a3a713d462f54048c2d8ab451af56f
SSDEEP

768:s6Y3FU4MLg+FEtXQmUDP8Xh97ukFqmyzypKfO5QQ6eiyTmBXZ:uFSLg+FmQSZ8fGOn+T+XZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f84ec768f0ba539f9c1834fe5227e36

Files

3f84ec768f0ba539f9c1834fe5227e36
.exe windows:4 windows x86 arch:x86

40981611e35de88a3af1d4ec2dada19e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_vsnwprintf
memset
bsearch
_beginthreadex
_isctype
_wfopen
fseek
malloc
_waccess
strlen
strspn

ole32

CoGetObjectContext
OleRegGetUserType
OleCreateLink
CoRegisterClassObject
CoRevokeMallocSpy
CoCreateFreeThreadedMarshaler
OleRegGetMiscStatus
OleDraw
OleInitialize

gdi32

DeleteDC
DeleteObject
Polyline
GetTextExtentPoint32W
EndDoc
BitBlt
SaveDC
Rectangle
GetDeviceCaps
CreateFontIndirectW

user32

SetClassLongW
GetMenu
CallWindowProcW
GetDC
CreateMenu
TrackPopupMenuEx
ScreenToClient
UpdateWindow
GetCapture
PostMessageW

ulib

?ResetConversions@WSTRING@@SGXXZ
?QueryClassId@OBJECT@@QBEKXZ
?WaitForUserSignal@MESSAGE@@UAEEXZ
??0LONG_ARGUMENT@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
?IsEmpty@FSN_DIRECTORY@@QBEEXZ
?UlibRealloc@@YGPAXPAXK@Z
?GotABreak@KEYBOARD@@SGEXZ
?IsPCAT@MACHINE@@QAEEXZ
??0ARRAY@@QAE@XZ

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE