3fe54b2ceff87ca32b40184db9e4894c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fe54b2ceff87ca32b40184db9e4894c
Size

7KB
MD5

3fe54b2ceff87ca32b40184db9e4894c
SHA1

39efbcf1f0b9e23a1ffe95754d082766052c468a
SHA256

a85336ca0ab2f40fc00a48206ed02d06df11c12890b95ec1baa70dfe8b476aba
SHA512

e8803e4811122793706acfcca044a3295e43b69150136322d7288570e076bb2156b6d308a3065f10fe7c59e0137682271021bd5e8a070e42051e7cc3ce4d5e8e
SSDEEP

96:VwSlbcjhipiyftRg91MzaC4dS2li+yLVJOJmqkM7nhc6:HcQpiIsPiDVgJmqrhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe54b2ceff87ca32b40184db9e4894c

Files

3fe54b2ceff87ca32b40184db9e4894c
.dll windows:4 windows x86 arch:x86

6fb7acdba64eca47643fdb07f4407298

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetComputerNameA
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
Sleep
GetCurrentProcess
ExitProcess

user32

GetWindowThreadProcessId
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
FindWindowA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

sprintf
_adjust_fdiv
malloc
_initterm
free
memcpy
strchr
strncpy
strrchr
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
_stricmp
strcmp
strcat
strcpy
strlen

Exports

Exports

fa
fc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdat
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ