c3bec2f4b193ee1fa878f76de36af3b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3bec2f4b193ee1fa878f76de36af3b3
Size

19KB
MD5

c3bec2f4b193ee1fa878f76de36af3b3
SHA1

a109ae6e83f16546999244ec26492c678af6e418
SHA256

5bdff50b97370a91e6ccf4e151a44aa5293a7ebee2b2c1243cb1af5c94eecb3f
SHA512

5cff50f06a9b7dc8137c641605598039922040726d8be50e38519938bbcc211929d9b4d25e9201ee99d1cb074bf482955c9b919b56485a6c010916358c2136ca
SSDEEP

384:WW+kcjxFqsfqZXF3pj3/MFiNQk8X7pFVQKOK8Mha:+kc9FqkwD/MRk8bGK8Mh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3bec2f4b193ee1fa878f76de36af3b3

Files

c3bec2f4b193ee1fa878f76de36af3b3
.dll windows:4 windows x86 arch:x86

8c8edcc84febd3718a819f6b1c615602

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CreateEventA
GetFileAttributesA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
GetModuleHandleA
CloseHandle
lstrcpyA
lstrcpynA
SetFilePointer
RtlUnwind
lstrcmpA
CreateFileA

user32

DestroyWindow
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
GetWindowRect

advapi32

RegQueryValueExA
RegCloseKey
RegLoadKeyW

wininet

InternetConnectA

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ