Static task: static1
Behavioral task: behavioral1
Sample: 3caf7366f4317d4a5bb6df2e48b3cccb.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3caf7366f4317d4a5bb6df2e48b3cccb.exe
Resource: win10v2004-20231222-en
General
Target: 3caf7366f4317d4a5bb6df2e48b3cccb
Size: 116KB
MD5: 3caf7366f4317d4a5bb6df2e48b3cccb
SHA1: 7a96a2110831f01a35a624cc57ddecaad9d48f9e
SHA256: e0e118af3022200b6ca44e5522dc23499bf5ab0b78b12389cf1319ff77bffb79
SHA512: 71ae8d0d106056af9c77dc4253b3afd635e2d5dcbe4100b9c846153ed2abd72b0eb4047922a6167dff74fffdb543a61ea79e5d5f5bcc795fc39513c873695ede
SSDEEP: 1536:A8uI283zgIe3bb3OYsY1KKA8jHZnlzEDvdguIJG2oRkTv:P2Y77AA8jHZny1gfrYA
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 3caf7366f4317d4a5bb6df2e48b3cccb
Files
3caf7366f4317d4a5bb6df2e48b3cccb.exe windows:4 windows x86 arch:x86
04b28a8784c7d6d13e9b35b8ec8bd79d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAllocEx
GetDiskFreeSpaceExA
GetEnvironmentStringsA
GetCurrentProcess
PurgeComm
ExitProcess
GetCommandLineW
SetProcessPriorityBoost
ProcessIdToSessionId
UnlockFileEx
LockResource
GetPrivateProfileSectionNamesW
QueueUserWorkItem
user32
CheckMenuRadioItem
RemovePropA
EndDeferWindowPos
UpdateWindow
LoadCursorFromFileA
LockWindowUpdate
GetDCEx
ChangeMenuA
PeekMessageA
ActivateKeyboardLayout
InvalidateRgn
gdi32
GetRasterizerCaps
Sections
.text Size: 104KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.textbbs Size: - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 832B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ