d3ccfdbe7b5cde46d8a85712f78bf2619f383dd0ab27864775f627a9960c0ca6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3ccfdbe7b5cde46d8a85712f78bf2619f383dd0ab27864775f627a9960c0ca6
Size

6.4MB
MD5

5720844de05df09464d01e6f71cd5412
SHA1

d30dd35656f7dd6116e3b2082a8fc497ae7b448a
SHA256

d3ccfdbe7b5cde46d8a85712f78bf2619f383dd0ab27864775f627a9960c0ca6
SHA512

b110920007eb9a7156aed6df5331bcaf27f4ef407c3826eb307ee599cd294aae34e81476b5bf1b2122e3109a6c3416d2e8499116e7cd4cd5dd2dedb1b24094ad
SSDEEP

196608:649vsdCfdIjrsH7C77ONMjGTnOZxSQMf:64vyCcrsHyoM6KxSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ccfdbe7b5cde46d8a85712f78bf2619f383dd0ab27864775f627a9960c0ca6

Files

d3ccfdbe7b5cde46d8a85712f78bf2619f383dd0ab27864775f627a9960c0ca6
.exe windows:5 windows x86 arch:x86

7d89174671621da283722d615c5d222c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

MoveWindow

gdi32

SetTextColor

advapi32

OpenProcessToken

shell32

Shell_NotifyIconA

winmm

timeGetTime

ws2_32

connect

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zp0
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zp1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zp2
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ