3ff57656f1d6a74d66fda393f2958287a8b587106585c1efb4c9026a10c1e9eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ff57656f1d6a74d66fda393f2958287a8b587106585c1efb4c9026a10c1e9eb
Size

8.0MB
MD5

e08c10efdcda3f7145df4395c8cfcac9
SHA1

cc27dc346c3a91d93173145490af512289dc9db2
SHA256

3ff57656f1d6a74d66fda393f2958287a8b587106585c1efb4c9026a10c1e9eb
SHA512

8697a3e5b5f3ec70a74aa49e7b75c995533f665df5efd1c72f2e26d76389dc468135ba76fb4128f712c19ad282e34482ba128704edc4e1f2cddd13503c1fb5de
SSDEEP

196608:WI9/kDlaOOwGm3lETUCoWHAsNRgt4/9V9w+3+jTW/EL88t12MUindFM:B/kDTOwtCTUCVHPB/PC+3Ui/8yMrd6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff57656f1d6a74d66fda393f2958287a8b587106585c1efb4c9026a10c1e9eb

Files

3ff57656f1d6a74d66fda393f2958287a8b587106585c1efb4c9026a10c1e9eb
.exe windows:5 windows x86 arch:x86

387f84cc13884dfd1aed93c3aac88dc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadImageW

gdi32

GetStockObject

msimg32

TransparentBlt

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

SHBrowseForFolderA

comctl32

InitCommonControlsEx

shlwapi

StrFormatKBSizeA

uxtheme

IsAppThemed

ole32

CoRegisterClassObject

oleaut32

VarBstrFromDate

oledlg

ord8

oleacc

LresultFromObject

gdiplus

GdipCreateFromHDC

imm32

ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 7.9MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE