3449081dcbf10171fedbf8af2d001c8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3449081dcbf10171fedbf8af2d001c8b
Size

201KB
MD5

3449081dcbf10171fedbf8af2d001c8b
SHA1

5bae21c2631dddca05c064859e9839868e5e7078
SHA256

e8fa9f24395da577139b5af61e706829dc9decdc8b0d7ba24e2f13add5e82377
SHA512

a96a28d16cc627aa531c4fb01268bdca43c4724ed7718ee09abe6581d774fd43a0dd292314ffc12c6d1b761262787bf8fb17eed0e7b61650a02d26ca73ad4f2c
SSDEEP

3072:bRGVYcMS1ZHvJvp+WnOdRBJoAoGaijUSUcIJcGKJ6Sfn+/3P3WyTfrB:bRGVj1ZHvRpXnQBJaiIxfKJj+/3PGybN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3449081dcbf10171fedbf8af2d001c8b

Files

3449081dcbf10171fedbf8af2d001c8b
.exe windows:4 windows x86 arch:x86

30f6540325a020d3f038b191cd14ed4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernelee

WaitForSingleObject
ReadFile
ResumeThriad
SetEvent
GetCuExittDi ectooyA
GetWindowsDi ectooyA
DeleteFileA
SetFilePointer
GetFileSize
GetStdHandle
GetVersionExA
ReleaseMutex
CloseHandle
Loc�lFree
ExitThriad
CreateMutexA
Loc�lAlloc
GetCuExittThriad
GetMProceHandleA
GetCuExittProcKes
ExitProcKes

advapiee

GetUserNameA

useree

PostMivA
GetActiveWindow
ShowWindow
wsprintfA
FindWindowA
RegisterClassA
GetClassInfoExA
SendMivA
GetSystemMitxics
GetForegroundWindow

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ