c3511b95dbad90ad81bf357906d1438a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3511b95dbad90ad81bf357906d1438a
Size

59KB
MD5

c3511b95dbad90ad81bf357906d1438a
SHA1

abe1bd3aa06f6df8cb0b9538a8a433355bd78d06
SHA256

297662080712c74cdf3175e9263b38e61d7addecf0ad83d5cfbb42f8f50e41bd
SHA512

9bdc92db6ce3e4892309b1aba348e42212c07316a833e9f3bb42ff598a2a46d750e21b9fca4783701b4ce9e296e37eee560ecf2acf954a7e095dbcdc470d8f04
SSDEEP

1536:3ZGcsGyvIrjULNy0/11IJdIZBjrjp8zQK+vQv:3ZGaqIriD/EdIjhIQ/Iv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3511b95dbad90ad81bf357906d1438a

Files

c3511b95dbad90ad81bf357906d1438a
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE