3fcd4fb44f62652e3fa1a187b0550247 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fcd4fb44f62652e3fa1a187b0550247
Size

17KB
MD5

3fcd4fb44f62652e3fa1a187b0550247
SHA1

03f756e4e471a38b947ac927bf2321e4b2bfcd96
SHA256

ce4adaaef8d1f0733215e9a0f6a87fe5dccde888409f19d79563df1cc38f2428
SHA512

d3739cfb9eaa4bcb9a199e384dba8873bb31d207646e435e1047a1fa0ffd8677089ce0e6b55f8650a7b418d02c4a28f23143b7e846302b4d6d7f5c8881a1e876
SSDEEP

192:rTIFYpRX9i+MAwkPhBdp6/Fgdccccd3/zlIKX+ppoIY9tmx/:rcCpXlfwSdC+dccccd3/z6KXmmex/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fcd4fb44f62652e3fa1a187b0550247

Files

3fcd4fb44f62652e3fa1a187b0550247
.exe windows:4 windows x86 arch:x86

ace671a49e60212a05a591a9e4eb4f10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
InterlockedExchange
GetCommandLineA
GetCurrentProcessId
GetSystemDirectoryA
GetModuleHandleA
GetStdHandle
HeapCreate
GetACP
GetLocaleInfoA
RaiseException
FlushFileBuffers
VirtualProtect
GetCurrentProcess
GlobalFree
GetCurrentThread
IsDebuggerPresent
FreeEnvironmentStringsA
OpenSemaphoreA
WriteConsoleA
GetCompressedFileSizeA

user32

FrameRect
ReleaseDC
SetForegroundWindow
IsIconic
SetActiveWindow
GetDlgItem
DrawTextA
GetCursorPos
GetParent
ValidateRgn
FillRect
EndPaint
GetFocus
ShowWindow
wsprintfA
GetWindow
GetWindowTextA
BeginPaint
GetClassNameA

linkinfo

GetCanonicalPathInfoA
ResolveLinkInfoA
DestroyLinkInfo
IsValidLinkInfo
GetLinkInfoData

rtutils

LogEventA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ