3967e6dc5b1ec13a5c0fc803066ce370 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3967e6dc5b1ec13a5c0fc803066ce370
Size

312KB
MD5

3967e6dc5b1ec13a5c0fc803066ce370
SHA1

25cfaddddf81766305de9eb4cee68b8dc8a65c81
SHA256

ba9b0371e039817651467be8515b3615b454392d93d60c0ded1da44cf12e3f8c
SHA512

4515842fccca8f87a5b6606155dd1c2c83173f511301b0709b43bcaa85af215657771e23529f68052ad2bb7bf6a0c15baed7311ffab47dfddda0959f2cf33551
SSDEEP

6144:DHB4U8SZ6FFZGjaCLoOAG99sAEa4LZtz5ft13ZC11b2+Lh+679+y7Ul/WtBB+Wxa:DyjCmFLCLXiAMN5l1k11b225l7Uy+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3967e6dc5b1ec13a5c0fc803066ce370

Files

3967e6dc5b1ec13a5c0fc803066ce370
.exe windows:4 windows x86 arch:x86

e8f3ed5f6fd79f96db1468d64c3e29d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
SetErrorMode
InterlockedExchange
HeapCreate
GetSystemDirectoryA
RaiseException
SetEvent
CloseHandle
GetCommandLineA
GetACP
GlobalFree
EnterCriticalSection
ReleaseMutex
LoadLibraryExA
GetLocaleInfoA
GetStdHandle
VirtualProtect
ResetEvent
Sleep
GetLastError
FindFirstFileA

user32

GetFocus
GetWindow
GetWindowTextA
GetParent
FrameRect
ReleaseDC
GetClassNameA
GetActiveWindow
SetForegroundWindow
ValidateRect
EndPaint
DrawTextA
FlashWindowEx
BeginPaint
IsIconic
ShowWindow
FillRect
wsprintfA
GetCursorPos

httpapi

HttpCreateHttpHandle
HttpAddFragmentToCache
HttpInitialize
HttpAddUrl
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ