c3198e30a47c3912b5dbb32fadcd8bf6f1c0ed196b9acfd48bc0d7c0aae3cb3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3198e30a47c3912b5dbb32fadcd8bf6f1c0ed196b9acfd48bc0d7c0aae3cb3c
Size

1.0MB
MD5

53607c61b0eea31f7e84dffa4dc8da44
SHA1

775aaf7dda92f2bab0ac3b2dbc084715e3a22895
SHA256

c3198e30a47c3912b5dbb32fadcd8bf6f1c0ed196b9acfd48bc0d7c0aae3cb3c
SHA512

f88f39012541e06dcdb8504aa3c537922088b1c33311e2d5a080ae16fe5608dfeca8591182eadc20e3b6cf51a2b5a05dd21d15b12af9e060c3d04ed2af9dac7f
SSDEEP

24576:gyiMB9GSr5IptDuqbX0SH3mTjpB7323XVylWmn1Q/vZdN:/9cHP0s+9B7m3Fyps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3198e30a47c3912b5dbb32fadcd8bf6f1c0ed196b9acfd48bc0d7c0aae3cb3c

Files

c3198e30a47c3912b5dbb32fadcd8bf6f1c0ed196b9acfd48bc0d7c0aae3cb3c
.exe windows:4 windows x86 arch:x86

234ecae781a7845c972346b1edefdddc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrA

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

SHChangeNotify

version

VerQueryValueW

setupapi

CM_Get_Parent

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
_dllMain_Name@12
_mainB_@8
_mainW@16
_main_@4
main
main1
main5
mainB

Sections

.MPRESS1
Size: 975KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE