3fc1326f7881ca6f993b8c8ab4f46d21 | Triage

Sharing

General

Target

3fc1326f7881ca6f993b8c8ab4f46d21
Size

24KB
MD5

3fc1326f7881ca6f993b8c8ab4f46d21
SHA1

d0fc6abd8e760ea207323365987eccccb0edd9a2
SHA256

73c85c0a36ae8cd3d85420cf9feb3017a87d945b4234dd3b7576a33c9789ba74
SHA512

ab5a9f781150d9008514ea09b6910a9e5206d7fc7158aedd5b6dc37b43b50be43beba46a2209110ff113dfcff9bde17d894fe2452527f296b7e7acd2b644f92b
SSDEEP

384:AMUWYcKIAzJRwRdbsQp4Ji9c+FyD6Qr1SUtDRjPXxreyWuAHDQ2cVnMY0dYL:AMUfVIlXOJkY7FBxNAjQrSY0dYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fc1326f7881ca6f993b8c8ab4f46d21

Files

3fc1326f7881ca6f993b8c8ab4f46d21
.exe windows:4 windows x86 arch:x86

751a6e7d217fb66f53c71d9d8ef59002

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetSystemTime
GetLocalTime
GetTimeZoneInformation
TerminateThread
GetProcAddress
ExitProcess
GetLastError
ReleaseMutex
Sleep
CreateMutexA
LoadLibraryA
SystemTimeToFileTime
GetCommandLineA
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
GetFileSize
ReadFile
DeleteFileA
WriteFile
CloseHandle
GetTickCount
CreateFileA
GetProcessHeap
HeapFree
HeapAlloc
lstrcpynA
GetModuleFileNameA
ExpandEnvironmentStringsA
GetModuleHandleA
SetFilePointer

wininet

HttpQueryInfoA
HttpOpenRequestA
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
HttpSendRequestA

dnsapi

DnsQuery_A
DnsRecordListFree

advapi32

OpenServiceW
OpenSCManagerA
CloseServiceHandle
ControlService

ntdll

memset
sprintf
_itoa
atoi
strstr
strncpy
strncmp
_stricmp
_chkstk
RtlRandom

ws2_32

inet_addr
WSAGetLastError
setsockopt
htons
ioctlsocket
ntohs
sendto
gethostname

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE