3aeba17f669fa885e2c3516c98246317 | Triage

Sharing

General

Target

3aeba17f669fa885e2c3516c98246317
Size

16KB
MD5

3aeba17f669fa885e2c3516c98246317
SHA1

d24145de546e7adae1251ccbc8ddf86a9050aa84
SHA256

3ee4278de0d6a6dda3ff1ee3c7ea568f8b8daf38608cedcc738e1a48c90f744e
SHA512

a79d39b17db6b089e7bfca4b19b79e30c85f2691e91901cf442ce17e5a0fdb3b857d7f5ead290b6b70203168e12e966cbff513035648fe2f36f3fb7735d26156
SSDEEP

384:UD4q2k84kAvMroQWNHlIu8c/ZTkXyWN4pCbFa:UD4l0vMMQAF+GyDN4Ow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aeba17f669fa885e2c3516c98246317

Files

3aeba17f669fa885e2c3516c98246317
.exe windows:4 windows x86 arch:x86

fc9549db5f729ae4cee6e8749d80e581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetConsoleMode
SetEnvironmentVariableA
ReleaseMutex
HeapCreate
CloseHandle
lstrlenW
CreateFileA
SetLastError
LoadLibraryExW
LocalFree
PulseEvent
FindResourceA
GetCurrentThreadId
TlsGetValue
Sleep
GetModuleHandleA
GetStdHandle
CreateMutexA
GlobalUnlock

user32

CallWindowProcA
GetClipCursor
CopyRect
DrawEdge
IsWindow
DrawMenuBar
SetFocus
GetDC
GetIconInfo
CheckRadioButton
GetDlgItem
DispatchMessageA
FillRect

apphelp

SdbGetDatabaseID
SdbFindFirstTag
SdbFindNextTag
ApphelpCheckIME
SdbCloseDatabase

clbcatq

ComPlusMigrate

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ