3ca3f7fe5bf9d72d8cab4e08ef50c411 | Triage

Sharing

General

Target

3ca3f7fe5bf9d72d8cab4e08ef50c411
Size

257KB
MD5

3ca3f7fe5bf9d72d8cab4e08ef50c411
SHA1

293b14c180c9aee004bfc0c00cef00b3ffc60d07
SHA256

abc5f83b6dc8be280b71ddc9ea290b61d69afe8defe207033af7415917f9e1c0
SHA512

944ead157f7df0e5edf2a05e186767fec3618518bf91ba75308da16c274beb5551bbd4984b9ab21397e0b36a3d9ce723ddbe5126e584a7f4c4486f749e99dd47
SSDEEP

6144:oDMM3efVxoRDkfkBT7kbV+QKBA37Lcv+Hlq5:4MURAV+QKBCHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca3f7fe5bf9d72d8cab4e08ef50c411

Files

3ca3f7fe5bf9d72d8cab4e08ef50c411
.exe windows:4 windows x86 arch:x86

c796a88bcff0b8e8c6c252d17425b486

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

SetForegroundWindow
IsIconic
GetLastActivePopup
ShowWindow
SetRect
EnumWindowStationsA
GetWindowRect
GetClientRect

kernel32

GlobalFree
GetModuleHandleW
RemoveDirectoryW
GetModuleFileNameW
GetProcessHeap
ExitProcess
GetLastError
GetModuleHandleA
DeleteFileW
GetStdHandle
CloseHandle
SetFileAttributesW
RemoveDirectoryA
GlobalAlloc
GetShortPathNameA
CopyFileA
GetModuleFileNameW
FreeLibrary
GlobalUnlock
ExitProcess
CompareStringW
lstrcpynA
LocalFree
GlobalLock
GetShortPathNameW
FormatMessageA
DeleteFileA
SetFileAttributesA
GetModuleFileNameA
CopyFileW
LoadLibraryA

dciman32

DCIBeginAccess

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ