Static task
static1
Behavioral task
behavioral1
Sample
3c60e219798a39a419dd5d72804af44f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3c60e219798a39a419dd5d72804af44f.exe
Resource
win10v2004-20231215-en
General
Target
3c60e219798a39a419dd5d72804af44f
Size
1.1MB
MD5
3c60e219798a39a419dd5d72804af44f
SHA1
0990a23b4e9eee1160e47717811e4146e43ad1ac
SHA256
6e34fff5b8650dcf1b37b234f0d7474c2596b3fa8d7ef5f349072b1844da06a5
SHA512
6e5d8a4b569905307e0b96a86a7663267f34424245a58deb5e54b2b4c2f7ec3c1232bfcc28fae11258226a8704d9061bec886c0f0fe4fbf73acd38d8613854cd
SSDEEP
24576:+TZ05foF4q/ndddRzQy8hFuZVeU1W/Wsvnb:Aofq4q/ndnRr8vuZVtWeib
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c60e219798a39a419dd5d72804af44f
Files
3c60e219798a39a419dd5d72804af44f.exe windows:4 windows x86 arch:x86
a2630047a22511e7f53cbb3d8f83f683
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineW
GetUserDefaultLCID
GetCurrentThread
GetModuleHandleW
GetTickCount
GetVersion
GetCurrentThreadId
GetCommandLineA
GetLastError
GetCurrentProcess
GetSystemDefaultLangID
GetModuleHandleA
VirtualAlloc
InterlockedIncrement
LocalAlloc
GetDiskFreeSpaceA
LoadLibraryA
GetVersionExA
HeapAlloc
IsDebuggerPresent
SetEvent
GetCurrentProcessId
LCMapStringW
GetStdHandle
GetOEMCP
GetACP
Sections
.text Size: 332KB - Virtual size: 331KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 732B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 784KB - Virtual size: 783KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ