Static task: static1
Behavioral task: behavioral1
  Sample: 3d1bb8ecd69175f49d993bfb6004b060.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 3d1bb8ecd69175f49d993bfb6004b060.exe
  Resource: win10v2004-20231215-en
General
  Target: 3d1bb8ecd69175f49d993bfb6004b060
  Size: 375KB
  MD5: 3d1bb8ecd69175f49d993bfb6004b060
  SHA1: 877fa723f6327b902bb00cf8783364e7dc9877b3
  SHA256: 54a025daea6271d887c952ef0ac3cc79d66b0b49575222eb19953963ccd19cd6
  SHA512: 3683457b532c57eb392d4ab52930705da9b982a752e505b18ab0a6e7005844b3d3601eb3ef60f9c0dd632a2672240d6e2b115d4da0f7cb3d993a860a6773bdc1
  SSDEEP: 6144:qTYCrsZNUsNM/jjBFTufl5V/plnajd07/g7qvGyE8svfZXBUx6A1YjOlRQ:q/snlM/jzTAV/3alqvU84xRXmY4R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d1bb8ecd69175f49d993bfb6004b060
Files
3d1bb8ecd69175f49d993bfb6004b060.exe windows:4 windows x86 arch:x86
b77ac1b85c8f0ba1daa014b23bdac38b
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32: LocalFree, lstrcatA, GetTickCount, ResetEvent, CreateThread, GetCurrentDirectoryA, CreateFileW, GetModuleHandleA, PulseEvent, LoadLibraryW, GlobalUnlock, UnmapViewOfFile, HeapCreate, GetComputerNameA, lstrlenA, GetSystemTime, FindClose, Sleep, GetCommandLineW, CloseHandle
  user32: CheckRadioButton, GetDC, IsWindow, CallWindowProcA, SetFocus, GetDlgItem, FillRect, DrawMenuBar, DispatchMessageA, GetKeyState, GetScrollBarInfo, DrawEdge, CreateWindowExA
  clbcatq: CheckMemoryGates, DowngradeAPL, UpdateFromAppChange, SetupOpen, SetSetupOpen
  timedate.cpl: CPlApplet
Sections
  .text Size: 6KB - Virtual size: 5KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1KB - Virtual size: 764KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .data Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 17KB - Virtual size: 16KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ