3cec298c5b8aa6e23341c8f9ac65fd753aee6c41e5250cba70032c3518656b32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cec298c5b8aa6e23341c8f9ac65fd753aee6c41e5250cba70032c3518656b32
Size

92KB
MD5

b06d30d4d7c22504a7474873f3cc3e40
SHA1

21461ddb2a35b951753881616c33f5496e40d91f
SHA256

3cec298c5b8aa6e23341c8f9ac65fd753aee6c41e5250cba70032c3518656b32
SHA512

6a19478ed84a7961d7de03ac176e11c52d120e522268e7c2a13b59f8847ccc9c8cbef59e56ace8d230553633fd9db8e654ba508814574db643b99b1571d01bf9
SSDEEP

1536:ZHMbrBu0kfdM8Dbzdu/XFZZrd9d4XVVVVlVVVeVn:ZHMXzedM8DFuTZrPd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cec298c5b8aa6e23341c8f9ac65fd753aee6c41e5250cba70032c3518656b32

Files

3cec298c5b8aa6e23341c8f9ac65fd753aee6c41e5250cba70032c3518656b32
.exe windows:5 windows x86 arch:x86

e2251f024cec7f01b2e4874414b6ad7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA

iphlpapi

GetAdaptersInfo

ws2_32

ioctlsocket
gethostbyname
htons
__WSAFDIsSet
WSAGetLastError
inet_addr
select

kernel32

lstrcatA
GetEnvironmentVariableA
GetFileAttributesA
CreateDirectoryA
WriteFile
Sleep
DeleteFileA
VirtualAlloc
GetTickCount
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetModuleHandleA
ExitProcess
lstrcmpiA
CloseHandle
SetLastError
lstrlenA
FindNextFileA
FindFirstFileA
FindClose
VirtualFree
ReadFile
GetFileSize
CreateFileA

user32

IsCharAlphaNumericA
wsprintfA

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ