Static task: static1
Behavioral task: behavioral1
Sample: 3911d8371fd6fe478d4c2f7cbb85b170.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3911d8371fd6fe478d4c2f7cbb85b170.exe
Resource: win10v2004-20231222-en
General
Target: 3911d8371fd6fe478d4c2f7cbb85b170
Size: 109KB
MD5: 3911d8371fd6fe478d4c2f7cbb85b170
SHA1: 1ad4518dc51a50f64121cd96e040889824b8e42f
SHA256: 1e9fbae11533c0c0a4b23bcc2cd310a5de0116c4515a44506b9c369a7d02a222
SHA512: 391f0162c017ac3bf6bdc86504ad020957d03a6aa9f186737bd4a1c43027a87d83cfa66d1b7eaa1706760a9262b4f29760b159d9a8c3689dba99e532fe2fb444
SSDEEP: 1536:+06F3hjSDjxe78yJZuP5+ILpBrv7Xv/+WS7lwS6arF5nfOHcGDW4l/rQqHs7:V6ie782ZIPLpBvXnV0lwormHcGK4+yW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3911d8371fd6fe478d4c2f7cbb85b170
Files
3911d8371fd6fe478d4c2f7cbb85b170.exe windows:5 windows x86 arch:x86
21982f03e54e0938472d176caaccdd7c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowTextA
MoveWindow
GetActiveWindow
EnumChildWindows
GetDesktopWindow
SetWindowLongW
IsCharAlphaW
IsCharLowerA
DialogBoxParamA
ole32
CoRevokeClassObject
CoEnableCallCancellation
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
GetStartupInfoA
SizeofResource
SetFileAttributesA
HeapCreate
GlobalHandle
HeapDestroy
LoadResource
FindResourceExA
HeapFree
GetProcAddress
FreeLibrary
LoadLibraryA
GetSystemTimeAsFileTime
GetThreadPriority
LocalFree
LocalAlloc
Sections
.text Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ