3df26d173f2c7c212ef1b6afc955e63d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3df26d173f2c7c212ef1b6afc955e63d
Size

2.8MB
MD5

3df26d173f2c7c212ef1b6afc955e63d
SHA1

130c870945c785721a19d68d0add9994a2ae2013
SHA256

3db1a143ba166b64b031d31efa0588b93c29998cf76c92ac49279019df26ed7f
SHA512

ed36745bac9c9a9685fa3374a037ed59f78676c63f7d66ce4b2af2bfdbb4454849fc5234f4353efcde8debc30d2e12e323650f0332ec5b97efdffa7b4b09e8f6
SSDEEP

6144:v1P86iCHeOd/fTHGbVqNaQdXjgMpIOq9lpj:tpMO1f6qzgMpI39Xj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df26d173f2c7c212ef1b6afc955e63d

Files

3df26d173f2c7c212ef1b6afc955e63d
.exe windows:5 windows x86 arch:x86

8b1f866f8d1aaf4707563e40128e4e56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

LPtoDP

user32

ChangeDisplaySettingsA

advapi32

RegCloseKey

comdlg32

GetSaveFileNameA

comctl32

ImageList_Draw

shell32

ShellExecuteA

version

GetFileVersionInfoA

ole32

CoCreateInstance

oleaut32

SafeArrayGetElement

odbc32

ord10

Sections

.text
Size: 196KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE