3be22800f74a093f537d3e552d499d54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3be22800f74a093f537d3e552d499d54
Size

275KB
MD5

3be22800f74a093f537d3e552d499d54
SHA1

ee7194263244ec8ffb8b695f0b2c442040df64d4
SHA256

3d82c6289b65eb32d6275834a693d94ceade4894bc48af34aa2546015476474a
SHA512

4ddb07a5b7033e306abbe71a1ee3c67952d093585b55a594103f8ac7dc9f870abdc6d13ec2b10905dfbc017b55e4ec751d3a043c1e322d558e571a324594a346
SSDEEP

6144:T9EUH0bSBPVslmhpO8gY7VYi4sUWlPnHMHu2rNnKbfblfWTVJR:T3H/1VslmhNeHsUWJJ2rNKViVH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be22800f74a093f537d3e552d499d54

Files

3be22800f74a093f537d3e552d499d54
.exe windows:4 windows x86 arch:x86

a54cee1a30839b64a34c4e030f63305f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
GlobalGetAtomNameA
MultiByteToWideChar
GetProcAddress
GlobalSize
GetPrivateProfileStringW
GetModuleHandleW
LockResource
WritePrivateProfileStringW
GetVersionExW
GetModuleFileNameW
FindFirstFileW
LoadLibraryA
EnumResourceTypesW
LoadResource
lstrlenW
FreeLibrary
FindClose
Sleep
InitializeCriticalSection
GetVersionExA
IsDBCSLeadByteEx
LoadLibraryW
DeleteCriticalSection
MulDiv
GetTickCount
GetLocaleInfoW

wininet

InternetErrorDlg
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetCrackUrlA
InternetTimeToSystemTime
HttpQueryInfoA
InternetReadFile
InternetConnectA
HttpOpenRequestA
InternetTimeFromSystemTime

shell32

SHGetImageList
ShellExecuteExA
ShellExecuteW
SHBrowseForFolderA
SHGetPathFromIDListA
CommandLineToArgvW
SHGetFolderPathW
SHGetFileInfoA
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ