Static task: static1
Behavioral task: behavioral1
Sample: 3aee39369ff82064b571c9236d1251cf.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3aee39369ff82064b571c9236d1251cf.exe
Resource: win10v2004-20231222-en
General
Target: 3aee39369ff82064b571c9236d1251cf
Size: 101KB
MD5: 3aee39369ff82064b571c9236d1251cf
SHA1: ce4262031add8b3f87a007dffba7aa81e558a79c
SHA256: eb10b8954ab035d26bf78bbd47dd02cfdc198caa8798a5bef4d4b4e96c4d53c4
SHA512: 5a8e0ee4abf4c577ad2426cab03653670401968c9cb047fab9aa82f788b207037d521b1ef1c4caf26afa14e9065987136c0153585daaed1477a2cfcd3d0d4e5c
SSDEEP: 1536:diW42/gm3hyOr7D3VZVXCVBvHwm+shlpdb3WHggt9s3QJsxFobmbAHsDp7Q:dNiJOrHVSVRwm+shpb3WH7JaDfUMdc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3aee39369ff82064b571c9236d1251cf
Files
3aee39369ff82064b571c9236d1251cf.exe windows:4 windows x86 arch:x86
938ad46900b9dc59993a1e37b96fcf81
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
GetFileSize
GetCurrentDirectoryA
GetCurrentProcessId
CreateEventA
LocalFree
ExitProcess
WaitForSingleObject
CreateMutexA
VirtualProtect
GetComputerNameA
DeleteFileA
VirtualAlloc
GetWindowsDirectoryA
GetModuleHandleA
GetCurrentThreadId
ReleaseMutex
LocalAlloc
WriteFile
GetSystemDirectoryA
user32
CreateDialogParamA
FindWindowA
GetSystemMetrics
GetClassInfoExA
GetActiveWindow
PostMessageA
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ