b3f1b177728d18f7ea50ea067a3270bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3f1b177728d18f7ea50ea067a3270bb
Size

134KB
MD5

b3f1b177728d18f7ea50ea067a3270bb
SHA1

d6a43051a294a3dc10c3c4faf324b0e9b2646b83
SHA256

f98bb25c21b7a44d6fb110aad9bbc3bda9a2ceaffbb917ff8ac017efb165ed91
SHA512

cd8f410a915eb9a851df9274d1fd64a9de07f761870d5bd78f22b186f68f93fcb61e88d67c1203d9735fce9d3ce712ceaf9525c57b1310d471f819366fe3bc9a
SSDEEP

3072:wSiHVVKcEM31j9R2tMNhfa8ePFEDlrQ+V+2k7s5OglXQwUbHREYc:wSiH3lJW98emrQ+0a5HMxE9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f1b177728d18f7ea50ea067a3270bb

Files

b3f1b177728d18f7ea50ea067a3270bb
.exe windows:4 windows x86 arch:x86

2fda084f5bd513f57acfdacd4c922e6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

ole32

StgOpenStorage
CoCreateInstance
CoFileTimeNow
CoUninitialize
CoInitialize

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

kernel32

GlobalSize
IsDBCSLeadByteEx
DisableThreadLibraryCalls
GetDriveTypeW
UnlockFile
SetFileTime
GlobalFree
FindResourceW
GetShortPathNameW
FindFirstFileW
GlobalDeleteAtom
GetFileTime
DeleteFileW
SetErrorMode
SetFilePointer
CloseHandle
FindNextFileW
GetVolumeInformationW
EnumResourceNamesW
WriteFile
SetEnvironmentVariableW
SetFileAttributesW
GetFileSize
LoadResource
SetCurrentDirectoryW
GetLocalTime
GetACP
SearchPathW
ExitProcess
LockFile
GetCurrentDirectoryW
MoveFileW
IsDBCSLeadByte
FindClose
GlobalReAlloc
ReadFile
GlobalUnlock

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ