3a70dc4381d7a1d9668d9e1c8bd99f53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a70dc4381d7a1d9668d9e1c8bd99f53
Size

43KB
MD5

3a70dc4381d7a1d9668d9e1c8bd99f53
SHA1

985048e2202798370679cc2d03ee0592a1fbf0ca
SHA256

e087ed38aa765b31eb22ceb8a046c7d4b4e6d400e2347a39fa2ee449e9506756
SHA512

c95923926cf3dbdc03a1acf5a808a13e97a3ef28f0bf6249f2842538cfa854db0cf587eb78ce22d7d7f1475727cf941f816a417b6d38efcf2006f821a1efbdf0
SSDEEP

768:4jrMxLDB4/9kuKzZr9YgANT8X6iQmYdopPnf47cH2PYfUGtjmJmX7Ihk:8rMxLDB4FMZOeXhQdepPf8fYfRdIk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a70dc4381d7a1d9668d9e1c8bd99f53

Files

3a70dc4381d7a1d9668d9e1c8bd99f53
.exe windows:4 windows x86 arch:x86

8347a2a8e00bb788c5cfb824eaa38846

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
DeleteAtom
FreeConsole
GetLastError
HeapCreate
VirtualProtect
CloseHandle
GlobalUnlock
GlobalFree
GlobalAddAtomA
LocalFree
lstrcpyA
LoadResource
LoadLibraryExA
SetConsolePalette
RaiseException
IsBadCodePtr
EnterCriticalSection
GlobalAddAtomA
GetOEMCP
WriteProfileStringA

user32

GetClassNameA
GetDC
GetWindow
GetForegroundWindow
CloseWindow
GetWindowTextLengthA
BeginPaint
GetWindowTextA
EndPaint
GetParent
AlignRects
GetClassInfoExA
GetActiveWindow
GetFocus
DrawEdge
IsIconic
ReleaseDC
ShowWindow
ValidateRect

mprapi

MprAdminUserWrite
MprAdminUserRead
MprAdminUserClose
MprAdminUserGetInfo
MprAdminUserOpen

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ