3b2eaf1bce72fa400465711f8206bef1 | Triage

Sharing

General

Target

3b2eaf1bce72fa400465711f8206bef1
Size

212KB
MD5

3b2eaf1bce72fa400465711f8206bef1
SHA1

615565cc90160e01762cbc02ff7d92575528950d
SHA256

b25435ba5f5b52d008c1175f60cb42633b64e85341b9e6069e2d774bfac6591b
SHA512

e7151b6213185736ad66c80db44d2b1b7e4a34f899f976286e7ffc27b550016ccb185106538ebd4140e8b159fda2dbc9ca58862dbe38b7d9de5b5f9ad4973b19
SSDEEP

1536:lGvQwEniLrjjwWjsH8RiwOwH1k0hpJT7:rwfLrvDgUO10p7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b2eaf1bce72fa400465711f8206bef1

Files

3b2eaf1bce72fa400465711f8206bef1
.exe windows:5 windows

ffa36a1b9a193923467886656d0e407a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

ntdll

strncmp

secur32

EnumerateSecurityPackagesW

advapi32

EnumServicesStatusExW

wininet

FindNextUrlCacheEntryExW

winspool.drv

GetPrinterDataW

kernel32

GetUserDefaultLCID
GetVersion
GetTickCount
GetQueuedCompletionStatus
GetProfileIntA
EnumTimeFormatsA
FindResourceExA
FreeEnvironmentStringsA
GetThreadTimes
DeleteFileA
GetStartupInfoW
FindResourceExW
GetProcessVersion
GetThreadId

user32

DefFrameProcA
ModifyMenuA
GetWindowLongA
GetMenuCheckMarkDimensions

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ