3a5cc204a5be2a6774e22b4e7b97b3e1 | Triage

Sharing

General

Target

3a5cc204a5be2a6774e22b4e7b97b3e1
Size

18KB
MD5

3a5cc204a5be2a6774e22b4e7b97b3e1
SHA1

9a3839bc53aba551051be424f334592aebe1bcc1
SHA256

247a26331a54dcb0380bba6a37c1e64deacbed99a29d4133392c425813d2632f
SHA512

71d9bf7f51e5639152ce6d85cfff75d1ba032a54a2d373abd02a87260b4dc95bd5c9574f3984ddc97862778e8ce0b4d758c75529041552c23d56198e47908bf6
SSDEEP

384:e6Arb2ANhzom3USO8/pSYuDW20mKc1w4rvojKpr6D8jjvjj2:e6AraAN23n8qERj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a5cc204a5be2a6774e22b4e7b97b3e1

Files

3a5cc204a5be2a6774e22b4e7b97b3e1
.exe windows:4 windows x86 arch:x86

9209da7c91533e43036ddce2377c257b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetTickCount
WaitForSingleObject
HeapWalk
LoadLibraryA
TlsGetValue
GlobalUnlock
CloseHandle
GetAtomNameA
lstrlenA
VirtualProtect
GetVersion
GetModuleHandleA
TlsFree
GetProfileIntA
GetConsoleCP
GetACP
InterlockedExchange
HeapReAlloc
GetStdHandle
CompareFileTime

user32

PostMessageA
InsertMenuA
SetWindowPos
UpdateWindow
ModifyMenuA
GetDlgItem
GetMenuStringA
SetPropA
TranslateMessage
SubtractRect
DispatchMessageA
CopyRect
GetWindowTextA
EqualRect
GetScrollRange
MessageBoxA
InflateRect
EnableScrollBar
DestroyMenu
GetMenu
PaintDesktop
GetKeyboardLayout
ShowWindow
CreateCaret
PostQuitMessage
LoadIconA
DialogBoxParamA

msi

MsiEnumProductsA
MsiDoActionA
MsiEnumClientsA
MsiGetMode
MsiCloseHandle

clbcatq

GetDllType

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ