Static task: static1
Behavioral task: behavioral1
Sample: 3ed8842ffffa42a476edff86ee43475a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3ed8842ffffa42a476edff86ee43475a.exe
Resource: win10v2004-20231215-en
General
Target: 3ed8842ffffa42a476edff86ee43475a
Size: 7KB
MD5: 3ed8842ffffa42a476edff86ee43475a
SHA1: 46e6ed4c85b6c0363ed19bb295c0a4fa3a3100a0
SHA256: 3939ac433a86cb725c0065686c0654182dc83224c161d47a9a94c5e970c290c1
SHA512: 79acd24eb9dc237ca1f81d204af826111f6af7f8869c3415fd41949dba06337cd39487aada5d327ce9bb60dbf200c6982df5fb2d1012e79d67faa070667e7e8c
SSDEEP: 192:yRERPFbHkcQ8YyuUH6qrCHk1UXUToasZ4OgQJU7W:5RacHzedriOgQU7W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ed8842ffffa42a476edff86ee43475a
Files
3ed8842ffffa42a476edff86ee43475a.exe windows:4 windows x86 arch:x86
13e2e971ada855e7ee4c505f69a09abb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpynA
GetProcAddress
GetCurrentThread
GetCurrentProcessId
GetTickCount
CloseHandle
FindFirstFileA
CreateProcessA
lstrcatA
GetStartupInfoA
FreeLibrary
LoadLibraryA
CreateDirectoryA
HeapAlloc
CreateFileA
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetTempFileNameA
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
GetProcessHeap
HeapFree
Sleep
ExitProcess
user32
GetActiveWindow
GetCapture
wsprintfA
SetActiveWindow
gdi32
CreateCompatibleDC
GetBkMode
CancelDC
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 69B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE