c3f3d101cc7e029dbc0fb01c5149ebb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3f3d101cc7e029dbc0fb01c5149ebb2
Size

64KB
MD5

c3f3d101cc7e029dbc0fb01c5149ebb2
SHA1

28696649610a88442bfa54b923fcd5d3db00bd4e
SHA256

164455896f04ee099873f11b7ab3d293b726d7c728eb16ad4f842a6c03d3f761
SHA512

d34a382211e0b9d6523ba9e3320b659a237fcb2fa23eeccea6edc7f638166b8d6670a35e6754f6f92bb34cce0fc6c467eaa64e054baa0fdb763bc0d9a3fb5e46
SSDEEP

1536:dIeZysEJvUVgxK/82k6Ccgezc+mfY6wDmAa+9yxut39NzCyXEB:dysEOS282k9hezcpwa49yYttgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3f3d101cc7e029dbc0fb01c5149ebb2

Files

c3f3d101cc7e029dbc0fb01c5149ebb2
.exe windows:4 windows x86 arch:x86

b76b4336e50dfe273594018373cc463c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
GetKeyNameTextA
AdjustWindowRectEx
GetWindowInfo
WCSToMBEx
FlashWindow

kernel32

RemoveDirectoryW
SetConsoleInputExeNameA
RtlFillMemory
GetLastError
GetEnvironmentStringsA
CancelIo
GetNumberFormatW
VirtualProtect
SetFileApisToOEM
GetOverlappedResult

gdi32

GetRgnBox
GetTextFaceA
EngUnlockSurface
StartFormPage

comdlg32

WantArrows
ReplaceTextA
PrintDlgExA

Sections

.text
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE