3ddcfdb86d921e912079596baa2043fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ddcfdb86d921e912079596baa2043fe
Size

33KB
MD5

3ddcfdb86d921e912079596baa2043fe
SHA1

d2594941b44957bf144e7b150b15d4c1db681c01
SHA256

426cd4b7d25911ebf272c1b48326dcee2182e0e7600a2b061fc9ad9e9f49ad68
SHA512

e1de0f8b263506e981924ab4261f4cc81f4c7fdcd745214af624829a29e967fd38b83158736f82c701d58ebe34817890038b2eed82d4c5f6b7812d8eb4ff3952
SSDEEP

768:L5/OyXHVLu02dyC68epfxIhusE7bO9m0AfkSF:F/pXRuByHlIksUO9mJ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ddcfdb86d921e912079596baa2043fe

Files

3ddcfdb86d921e912079596baa2043fe
.exe windows:4 windows x86 arch:x86

7fec5ed7ae4d900693709c2a91d33aa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
CreateFileA
GetFileAttributesA
LoadLibraryW
GetSystemTime
GetComputerNameA
LocalFree
GetModuleHandleA
TlsGetValue
SetEvent
GetCommandLineW
SetLastError
FindAtomA
CloseHandle
GetTickCount
HeapCreate
ResetEvent
GetDiskFreeSpaceW
SuspendThread
CreateThread

advapi32

RegCreateKeyExA
CredFree
RegDeleteKeyA
RegEnumValueA
IsTokenRestricted
GetLengthSid
RegQueryValueA
RegCloseKey
CreateServiceW
RegEnumKeyExA
GetFileSecurityA
GetUserNameW
CloseEventLog

cryptui

CryptUIDlgSelectStoreA
LocalEnroll
CryptUIDlgCertMgr
WizardFree
CryptUIDlgSelectCA

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ