3d0124935e966ea72e36cbb0c38581e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d0124935e966ea72e36cbb0c38581e8
Size

296KB
MD5

3d0124935e966ea72e36cbb0c38581e8
SHA1

1f833a66fe988f489c2273bbc89a9dd4b7b5bd1e
SHA256

47dc7143bbf88ff5d94f594d6382e4629c16c34e8e3178fbdf5be210c0bfc593
SHA512

e5ba92207b782aebf51eb6c31879715b8d83f8ab18f52149363042b8670fa79f01104f693011aaa5cafeb7b75c7a23390a726f2813012d8adf95ac137e8f2073
SSDEEP

6144:87KQF8Wvz3CVfbQEpFz8+KEGv79T6fGXVv42Jmwsh+sz42ydKfN:87KQFXb3CV8EpFz8C6Jnlv4Snu+sz0dc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d0124935e966ea72e36cbb0c38581e8

Files

3d0124935e966ea72e36cbb0c38581e8
.exe windows:4 windows x86 arch:x86

1ddc10b5351d591f50d73af23597c720

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CloseHandle
PulseEvent
GetTickCount
ResumeThread
GetModuleHandleA
GetLastError
TlsGetValue
DeleteCriticalSection
GetComputerNameA
VirtualProtect
GetStartupInfoA
SearchPathA
ReleaseMutex
AddAtomA
ExitProcess
SetEvent
HeapDestroy
GetDiskFreeSpaceA
lstrcmpiA

user32

EnableWindow
GetKeyState
CreateMenu
CopyImage
DragDetect
CloseWindow
IsIconic
GetScrollBarInfo
CopyIcon
DispatchMessageA
CreateWindowExA
GetMessageA
EndDialog
DialogBoxParamA

cfgmgr32

CM_Add_Range
CM_First_Range
CM_Get_Child
CM_Delete_Range
CM_Add_IDA

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ