new3in[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

new3in.exe
Size

106KB
MD5

edad353dbeaf8e882545914956c6564f
SHA1

490abbeb624589d0d7d87cf6baaea9a140ad601f
SHA256

67acc71e6d038267f939f2f5058175be4ce999a595b3d943a6d849d9f89b976a
SHA512

0b2c39614a75d0f728be787e2d0819180a07207e7352c02c3f46edd60d2c01cf9364127dfbf4037a15d2951b1bfeedff375f34ed797e3b9f12d8153f059dfdf3
SSDEEP

1536:9mat8rHgL0pNvpsryAmafNXRinfeWxHDIWwxBUvMFMQiNFRimk:UokAQbUbLiLHDIWwxtsRrk

Score

N/A

Malware Config

Signatures

Files

new3in.exe
.exe windows x64

23777c67cd412e1c3d3675df8c5168ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
OpenServiceA
StartServiceA

kernel32

CloseHandle
CopyFileA
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FreeConsole
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
lstrcmpA

msvcrt

__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_lock
_onexit
_pgmptr
_stricmp
_unlock
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
memset
signal
sprintf
strlen
strncmp
strncpy
strrchr
vfprintf
wcslen

user32

wsprintfA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_i
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_a
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_l
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_f
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_s
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_l
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_r
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dp8
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23777c67cd412e1c3d3675df8c5168ec

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 384B

.rdata Size: 3KB - Virtual size: 3KB

.pdata Size: 1024B - Virtual size: 720B

.xdata Size: 1024B - Virtual size: 680B

.bss Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 104B

.debug_a Size: 1KB - Virtual size: 1KB

.debug_i Size: 48KB - Virtual size: 47KB

.debug_a Size: 7KB - Virtual size: 6KB

.debug_l Size: 6KB - Virtual size: 6KB

.debug_f Size: 3KB - Virtual size: 2KB

.debug_s Size: 1024B - Virtual size: 768B

.debug_l Size: 11KB - Virtual size: 11KB

.debug_r Size: 1KB - Virtual size: 1KB

.dp8 Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 384B

.rdata
Size: 3KB - Virtual size: 3KB

.pdata
Size: 1024B - Virtual size: 720B

.xdata
Size: 1024B - Virtual size: 680B

.bss
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 104B

.debug_a
Size: 1KB - Virtual size: 1KB

.debug_i
Size: 48KB - Virtual size: 47KB

.debug_a
Size: 7KB - Virtual size: 6KB

.debug_l
Size: 6KB - Virtual size: 6KB

.debug_f
Size: 3KB - Virtual size: 2KB

.debug_s
Size: 1024B - Virtual size: 768B

.debug_l
Size: 11KB - Virtual size: 11KB

.debug_r
Size: 1KB - Virtual size: 1KB

.dp8
Size: 2KB - Virtual size: 2KB