3704dc9369bb41f130e726f095a2c7bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3704dc9369bb41f130e726f095a2c7bd
Size

747KB
MD5

3704dc9369bb41f130e726f095a2c7bd
SHA1

5bac4955122382e9c5c20e4dd9a5b9027f5688d6
SHA256

38bee632414d1f9473ee3b601fff9702bc563abb1e5c2a3504e1db553e8716cd
SHA512

3535cf7a563ab181bd914453872e439675e05cae07332b63978fe84646ac6fd71234abf5ac9caabe58065001f809a7c5b7294ba098a4bbe309bc8b0207c8cbbb
SSDEEP

12288:B/D0Ya3rKeIh2xZvuagrwiVPKZt7pbSqR5tjbWZSY2LQqdA:B/DG3rn62buagxlWt/tnfxLQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3704dc9369bb41f130e726f095a2c7bd

Files

3704dc9369bb41f130e726f095a2c7bd
.exe windows:5 windows x86 arch:x86

1ec69cbe92a101a5c3bd77225991e69e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
IsBadReadPtr
CancelIo
CreateSemaphoreA
HeapCreate
GetCommandLineA
GetTickCount
GetModuleFileNameA
WaitForMultipleObjects
FindVolumeClose
GetModuleHandleA
GetFileTime
GetFileType
GetCurrentDirectoryW
WriteFile
FindClose
GetFileAttributesA
CreateDirectoryA
ExitThread
GetDriveTypeA
LocalSize
lstrlenA
CloseHandle
HeapFree
VirtualQuery

uxtheme

DrawThemeEdge
CloseThemeData
GetThemeBool
GetThemeColor
OpenThemeData
GetThemeEnumValue
IsThemeActive
GetWindowTheme
GetThemeTextMetrics
CloseThemeData
DrawThemeBackground
GetThemeTextExtent
SetWindowTheme

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE