3cabeb42491366fb50ed8178a12e963e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cabeb42491366fb50ed8178a12e963e
Size

100KB
MD5

3cabeb42491366fb50ed8178a12e963e
SHA1

8b4afa66bf54190174df10301cb7f5f9aa69ed6e
SHA256

bd6d88bc4dfa5b1ba8229c397c15fbcf9fd5fc132b650110d61ba0d60d1f7013
SHA512

559db55093f6d5848afd7371593fd808e2848a7991f03e080d80f505609bc0fc9eabcad7aba83ef96247ac5207d7dfa64c1218d024cc676b37a2b13fe03d6e6e
SSDEEP

1536:V4LC202H2cufzLTGDdgrms6r3lUaA0UxiGL4Y+vjEaM:VlXfGDdgSPR7UA8lH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cabeb42491366fb50ed8178a12e963e

Files

3cabeb42491366fb50ed8178a12e963e
.dll windows:4 windows x86 arch:x86

d99dfc7685cf867a7587c071b4b9bea1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetEnvironmentStrings
GetCompressedFileSizeA
HeapSummary
Thread32First
GetFileSize
GetStringTypeExW
DelayLoadFailureHook
ReadConsoleOutputCharacterA
EnumSystemCodePagesW
WaitForDebugEvent
ClearCommBreak
GetFileAttributesW
SetLocaleInfoW
SetVolumeMountPointW
GetHandleInformation
VirtualQueryEx
GlobalAlloc
WritePrivateProfileStructW
SetInformationJobObject
DuplicateHandle
FindCloseChangeNotification
EnumDateFormatsA
Process32NextW
HeapSize
CommConfigDialogA
IsDBCSLeadByte

Sections

code
Size: 8KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ