3a822a390a5d662689c54c5c159fa341 | Triage

Sharing

General

Target

3a822a390a5d662689c54c5c159fa341
Size

47KB
MD5

3a822a390a5d662689c54c5c159fa341
SHA1

0aa1c0592489b82ddd4782f994df40963aeb7e1d
SHA256

79ee31f4fb796d46b908c9a4c11f2bb5e9a0b788c464e22055ed5ea43ad75e2f
SHA512

65d3979510f207cc661b3e35334a98718221e13560a8345710fc11bbb0d0070774c8ea397a23e2489d12e3fc9c276df9337aaa601160f683419ba42d64282288
SSDEEP

768:/Rz8iZlXIx2iVvaQRIrx1OrGtH7hn1xDplA3K9MiYd91R3ZrhBIU476s4isfqfeU:ZzdZlG2i5aQRIV1OrIbhn1/lA2k9H9hw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a822a390a5d662689c54c5c159fa341

Files

3a822a390a5d662689c54c5c159fa341
.exe windows:4 windows x86 arch:x86

baaefdf31431fe69def30fc0d5e9feea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateProcessA
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCommandLineA
GetConsoleMode
GetFileType
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcessAffinityMask
GetStartupInfoA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchange
IsDebuggerPresent
MulDiv
MultiByteToWideChar
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsSetValue
VirtualFree
lstrcatA
lstrlenW

user32

GetWindow
IntersectRect
LoadImageA
GetUpdateRgn
UpdateWindow
WindowFromPoint
GetMenuCheckMarkDimensions
RegisterWindowMessageA
CheckRadioButton

comdlg32

GetOpenFileNameA
PrintDlgExA

Exports

Exports

MIDL_user_free
SetCaptureDeviceFormat

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ