3cac48837e03e0d556a29fee7b36c6ce00f5407977930d8a9a3e11446e467fc9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cac48837e03e0d556a29fee7b36c6ce00f5407977930d8a9a3e11446e467fc9
Size

1.8MB
MD5

1b1656bbd20ca1d151c22889039534ac
SHA1

cee826c7cca32d98a25c3ec835316fc5cf95d464
SHA256

3cac48837e03e0d556a29fee7b36c6ce00f5407977930d8a9a3e11446e467fc9
SHA512

512b4797bc7f8729cce4f30445d08016844905dfc6b11a3b7f1367a999153001ddb54e8bc54ef8c9b47e508a45fd17d48f3b8e5b59ac86f673d12ed61cb92708
SSDEEP

49152:WAj+orMnemxpnvI9p4xrvjMZasopPg+718SHO:Vj1rSemHIHqr7MZasAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cac48837e03e0d556a29fee7b36c6ce00f5407977930d8a9a3e11446e467fc9

Files

3cac48837e03e0d556a29fee7b36c6ce00f5407977930d8a9a3e11446e467fc9
.dll windows:5 windows x86 arch:x86

6d220067d07215d263e0009c8bcc61b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

fpQ=3NBCVmRFU!Rti9LX6js61

Imports

advapi32

OpenProcessToken

ole32

CoCancelCall

kernel32

TerminateProcess
GetModuleFileNameW
GetBinaryTypeW
ReadConsoleA
GetModuleFileNameA
DeleteFileA
GetModuleHandleA
InitializeCriticalSection
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW

gdi32

GetClipRgn
GetPixelFormat

user32

TranslateMDISysAccel
EndMenu
ArrangeIconicWindows

rpcrt4

RpcBindingInqAuthClientExW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 376KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ