3b406d5031c7285970a2a039f3cb3877 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b406d5031c7285970a2a039f3cb3877
Size

200KB
MD5

3b406d5031c7285970a2a039f3cb3877
SHA1

7249128b20cb0d7f2aad7206f96d51da774b9a8c
SHA256

28af3c06d15cbecc48cbb2dbf82a07ce3c8078b57471f9caa722285ee5c4d8d5
SHA512

a664728a9c558c9c614d1f414b720ae84766e6709684574d0f50e1e47c07cea951fbfe3f0d671619c94f052540f3c338519e2cef7882de86ed41df56a12b414a
SSDEEP

6144:tEuYoSZE3v6BXrbbkGe6HNUeG5/XaOacylYkA:tYAv6B7bm6tRIPFacylYkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b406d5031c7285970a2a039f3cb3877

Files

3b406d5031c7285970a2a039f3cb3877
.exe windows:5 windows x86 arch:x86

3fa3eb50b6b2258822662c830945ce0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FatalExit
CloseHandle
DeleteAtom
GetModuleFileNameA
CreateSemaphoreA
GetModuleHandleA
CreatePipe
WaitForMultipleObjects
WriteFile
GetProcessHeap
IsBadWritePtr
ClearCommBreak
GetDriveTypeW
SetVolumeLabelA
RemoveDirectoryA
GetFileType
AddAtomA
FindAtomA
CreateDirectoryA
HeapCreate
RemoveDirectoryA
GetCommandLineA
SetEndOfFile
HeapFree

cryptui

CryptUIStartCertMgr
DllRegisterServer
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign
CryptUIWizBuildCTL
CryptUIWizExport
CryptUIWizImport
DllUnregisterServer
LocalEnrollNoDS
WizardFree
LocalEnroll
WizardFree

mgmtapi

SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE