3fcbd01aa6d69c2e25edf927c9168bb9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fcbd01aa6d69c2e25edf927c9168bb9
Size

276KB
MD5

3fcbd01aa6d69c2e25edf927c9168bb9
SHA1

a461951277bb3ef65ae1d2c343fc7b9762ce5592
SHA256

38cc2bdfca33a30208d3ea7ddfc622296784446501ec727672c2cd619fb1e616
SHA512

42fc2bc79394a424626c227a184b6e6250ea1f56bccded3c4457f561f860b18dcea84eba29fedab85d86e124256b345c5918087d4efca7025c43a59f9db3803b
SSDEEP

6144:iryUgAdCvOpK9S+PhQMxLZl43lD8NcrY1W:Iu/vO+S+P/xXg6Ncs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fcbd01aa6d69c2e25edf927c9168bb9

Files

3fcbd01aa6d69c2e25edf927c9168bb9
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateBackupUIPage
DllRegisterServer
DwmIsCompositionEnabled
EnumProcessModules
EnumProcesses
Get360SEPath
GetModuleBaseNameW
Go
Heart
KSDllGetClassObject
M0ZHE
On
ReleaseLogObjects
Run
RunUpdate
ServiceMain
Update
main
start

Sections

.packed
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE