3429c1e22e662be7aef02cf8a83098e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3429c1e22e662be7aef02cf8a83098e0
Size

74KB
MD5

3429c1e22e662be7aef02cf8a83098e0
SHA1

5d328d8b91ee750ee34bb5deca50ba39586f42e9
SHA256

6e3ebe6de7f8b58e88d881b684838078c440b72ae56e0beb72b8103a7eb673c7
SHA512

3221a4aecf13cbdebbd8e6513705f7faa4d4973bc17941a65dded60f270dae830d02acd31b69663ee018a4f694656e1fbc82de86eb3c6ed4bd4eb18cd9ef9fec
SSDEEP

1536:Idj6J8N/GQ8HSC7RQZxMig8Ib6WM9Wm+2bR2d1rn7:IdjBN/QSC72ZCv8Ib29NF813

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/box_mail_hsyw6483kwks.cpl

Files

3429c1e22e662be7aef02cf8a83098e0
.zip
box_mail_hsyw6483kwks.cpl
.dll windows:4 windows x86 arch:x86

dd932b1a8f5caa7c6742dce50c0a7c23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

wininet

InternetSetOptionA

Exports

Exports

CPlApplet

Sections

.text
Size: 69KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE