3ba363e27f85e5b4c60cbec1d37ee82a | Triage

Sharing

General

Target

3ba363e27f85e5b4c60cbec1d37ee82a
Size

449KB
MD5

3ba363e27f85e5b4c60cbec1d37ee82a
SHA1

978c5512dca4d8166c359f206a81c2877bbfd422
SHA256

f722e4d2b82460af90e987d9192ebfd4c5c1614d39adda10889266495cf78f3f
SHA512

5d8fdca251bad5d008070becb38db50758c362c822158f4efc4327049a4d6cff0b57acd78d4ae63fc3b368b383dc1cac867e2fa1cf68faa6c8f53882bbca1c25
SSDEEP

12288:CPIGBkc1UziJLtVYvec+sZK98VcrEITdh:pDiUziJ5VYX+btRTdh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba363e27f85e5b4c60cbec1d37ee82a

Files

3ba363e27f85e5b4c60cbec1d37ee82a
.exe windows:5 windows x86 arch:x86

61248b093b2947c7c975cffb04fbd604

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
CreateFileMappingW
GetDriveTypeW
GetTempPathW
WriteFile
SetFileTime
CopyFileW
GetModuleFileNameA
lstrcpynW
lstrcatW
CreateProcessW
GlobalLock
ExpandEnvironmentStringsW
GetTimeZoneInformation
lstrcmpiA
OpenProcess
CreateMutexW
GetCurrentThread
GetSystemTime
EnterCriticalSection
GetSystemTimeAsFileTime
DisconnectNamedPipe
MoveFileExW
lstrlenA
FindFirstFileW
UnmapViewOfFile
MultiByteToWideChar
GetModuleHandleA
FlushFileBuffers
CreateEventW

user32

GetWindowLongW

Sections

.ryz
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jehqv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgxgr
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ