3e7ed4198f365f987b3444e8eda33204 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e7ed4198f365f987b3444e8eda33204
Size

117KB
MD5

3e7ed4198f365f987b3444e8eda33204
SHA1

24c440f50ba43dea6c49bd855dd58e4a2b93a32b
SHA256

07e80c1adedca7e6cf03d36582490c0d8cbfaf8282f6f8812e2bfe9ce46661b2
SHA512

b1caecf693f27750dd91b5e747608a0f5053854077af15d56d58438ada1603f41cf38d2bf1cc8bb7a30ca71be63a80b9f174567d746e45db72f342165b8fde19
SSDEEP

3072:wYcBaksesbs0wR6NzcyE7gG+a2iL1fXA8SOUGQR:wsEsbs0wR65cyIZzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7ed4198f365f987b3444e8eda33204

Files

3e7ed4198f365f987b3444e8eda33204
.exe windows:4 windows x86 arch:x86

149050f871f04dd691f6c56ac12f82ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileType
GetDateFormatA
GetLastError
ExitProcess
GetFileSize
VirtualAllocEx
GetEnvironmentStrings
LoadLibraryA

user32

CallNextHookEx
GetWindow
CharLowerA
IsMenu
CharLowerBuffA
IsWindowUnicode
GetMenu

shell32

Shell_NotifyIconA
SHFileOperationA

gdi32

GetTextColor

Exports

Exports

_zXtTW75xzsCWor
UFBZxiH
nrNfoQ5oZ0oG
xHnH2MntHglP
_gMhLgLowu
BkhE59@4
_2x_UrfqCi

Sections

CODE
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 635B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ