3d9700ed922ce90ba18bbd71cb9e0a1e | Triage

Sharing

General

Target

3d9700ed922ce90ba18bbd71cb9e0a1e
Size

41KB
MD5

3d9700ed922ce90ba18bbd71cb9e0a1e
SHA1

117e52527072aa089a8160148da001998dd110cb
SHA256

0879ac5f8e5392979033b168f9e8202dc430713f2e320b9cda84ff3e04e623d7
SHA512

a0a8310c01e3e406e827ec2137a835c770a06ba3f42905f074730f01379895df029a415d256783b1d56d3e96572b0cbb50c65d36aa8d9a2d7f3baa0668717c83
SSDEEP

768:fWiafXwcbU3MXWla6pb8DFc5LnGQgjX/KkUP1+1wEUaKRoh:fRazoMGla6e5c5L/gjvKkUP1HGa6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d9700ed922ce90ba18bbd71cb9e0a1e

Files

3d9700ed922ce90ba18bbd71cb9e0a1e
.exe windows:9153 windows x86 arch:x86

3518f05222faac80f19b141fe909c5e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExA
SetSecurityDescriptorDacl
OpenThreadToken

user32

SetFocus
GetWindowRect
SendMessageW
GetFocus
SendMessageW
MapWindowPoints
GetFocus
SetWindowPos
LoadStringA
SetCapture
BeginPaint

gdi32

MoveToEx
BitBlt
GetTextMetricsW
CreateCompatibleBitmap
GetObjectW
GetStockObject
SelectObject
CreateFontIndirectW
GetObjectW

kernel32

HeapAlloc
FormatMessageW
LoadLibraryA
GetModuleHandleA
GetTickCount
ExitProcess
VirtualAlloc
VirtualAlloc

shell32

ShellAboutW
SHGetFileInfoW
ExtractIconExW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
DragFinish
SHGetFolderPathW
SHGetMalloc
DragFinish
SHGetFileInfoW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ