e3b96898fe1bb08017fbd3cfeba2f9b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e3b96898fe1bb08017fbd3cfeba2f9b3
Size

9KB
MD5

e3b96898fe1bb08017fbd3cfeba2f9b3
SHA1

721422f3130614575d01fe397f63038334eeb72f
SHA256

a126ac2d20c64e0cdd6c615e98e7d9ff16dbf23927e49bf6e269eafe8a3bf82f
SHA512

090b674669d558b1a9b04e37af3b02159b67a45c535ecc8d9edd28a8e0393ea176c5f633b6e530b99254c678d88202d7c7b46c702a4a955b2eebd159d54c2707
SSDEEP

96:3zzmNs+9a3XYaJOMVqir5wF+lH3lXTDgdhWcfOKz8JLbQUOfEL/6YwoVmq4jgS2w:Laa3X/PqoUJz8JLbcMT6Yb3vaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3b96898fe1bb08017fbd3cfeba2f9b3

Files

e3b96898fe1bb08017fbd3cfeba2f9b3
.dll windows:1 windows x86 arch:x86

d2f1115ed596322e85ca77ac72751e9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

pmacs.exe

_PMsGetParameter
_PMsGetColorOnImage
_PMsSetColorOnImage

kernel32

VirtualAlloc
VirtualFree
SetFilePointer
GlobalAlloc
GlobalFree
GetStdHandle
WriteFile
ExitProcess
GetTickCount
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersion

Exports

Exports

PMcEffect

Sections

.edata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT$XIA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ