3ac5bd7d6d145df4cdd997ac10db8e3f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ac5bd7d6d145df4cdd997ac10db8e3f
Size

62KB
MD5

3ac5bd7d6d145df4cdd997ac10db8e3f
SHA1

946704d1b028b19eae65aac3777466321e2f1398
SHA256

7dd477d549886c68a5f5e5f7acbb8979d3636683a282f5b600c610da5b2a9ada
SHA512

acb6d7e50ed0b8ddc3fdd47a292fae16da065b653eba97fe1bd72620afc52b211260d3d2ec69a29191e8b472641d98f71764d3387ed48460e4de8847527bb689
SSDEEP

768:rKe8/hAbuN+XJQ2YEBwKtWch+vkH1JYkyEGMAxV81FVTs+n11g8svbYD:enAbekJQ2dfh+6TE7MWiTDnngrvbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac5bd7d6d145df4cdd997ac10db8e3f

Files

3ac5bd7d6d145df4cdd997ac10db8e3f
.exe windows:4 windows x86 arch:x86

fde6f03eafba15fb28fc4203ec81515b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetStartupInfoA
CreateEventA
VirtualQuery
lstrlenA
FindResourceW
GetCommandLineA
HeapDestroy
CloseHandle
Sleep
TlsGetValue
GetCommandLineA
HeapCreate
GetEnvironmentVariableA
GetModuleHandleA
ResetEvent
GetVolumePathNameA
CloseHandle
DeleteFileW
CancelIo

user32

IsZoomed
FindWindowA
GetWindowLongA
DispatchMessageA
IsWindow
GetSysColor
DispatchMessageA
GetClassInfoA
CreateIcon
DestroyMenu
DrawTextW
CallWindowProcA
PeekMessageA

psbase

SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE