3ec6fefd2425e422256fbb7168c51910 | Triage

Sharing

General

Target

3ec6fefd2425e422256fbb7168c51910
Size

17KB
MD5

3ec6fefd2425e422256fbb7168c51910
SHA1

7ac95dcb12efe84ac179c3ee03d89af2915e142e
SHA256

dc8b0235bd059522ee27b9feea6c8b18af763d13e347d8c2ce9f43eba3d5fb6c
SHA512

071c944800f6f7f67a731bbf0fab1cdd054f8204516c763b8012342656efe7b017c532e0862ad6a8cf19ac5196d1eb627c5acb7453138267b53e6929f556830a
SSDEEP

192:6zj3VGviDvdg7aFRoI9MLDDG/mDMHIP8DXm8IVORJmEbU2i3+WTUfQM2e:yhDvWYqDDImQlFRcKpiOfQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec6fefd2425e422256fbb7168c51910

Files

3ec6fefd2425e422256fbb7168c51910
.exe windows:4 windows x86 arch:x86

325fa6beeeab4f6afb582029275ab46a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetCommandLineA
lstrlenA
GetModuleHandleA
GetVersion
WaitForSingleObject
SuspendThread
WaitForMultipleObjects
CompareFileTime
HeapReAlloc
GetAtomNameA
GetConsoleCP
GetConsoleDisplayMode
InterlockedExchange
GlobalUnlock
LocalSize
LoadLibraryExA
HeapCreate
CloseHandle
GetSystemDefaultLangID
GetTickCount

gdi32

Ellipse
EqualRgn
EndPath
GetFontData
AbortPath
GetStringBitmapA
CreatePalette
FloodFill
GetRgnBox
BeginPath
EngLineTo
GetMetaFileA
DeleteDC
DeleteObject
Escape
GetTextColor
GetMetaRgn
CreateFontA
CreateICA

rastapi

DeviceDone
AddPorts
DeviceConnect
PortClose
DeviceListen

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ