3b38854641eadad4a6b43c9bd264fac64bcd4e7057abc0ecc2956c0b16c4635f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b38854641eadad4a6b43c9bd264fac64bcd4e7057abc0ecc2956c0b16c4635f
Size

17KB
MD5

2da8c62543d6274465f9412694cf5494
SHA1

2d7aad741b109b8663735a81b565ee6d1cacc829
SHA256

3b38854641eadad4a6b43c9bd264fac64bcd4e7057abc0ecc2956c0b16c4635f
SHA512

bec38dc514d620b6c2e0c10f781e1c792ead01404d8cc7561485175a234bcc9b4cb5198fd8d7445a3044d6ce4026bedb546b29a81fe197419368f62db8683ab0
SSDEEP

192:nDqeRwdb3enG2RxnSGzTcb7dYMnW0TYxm2pXEz4JWaULI7kbSHkFQc3psZ/Q99gk:DqzdeGQ/TcFPnW0wp0tekWo5s5eGZvXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b38854641eadad4a6b43c9bd264fac64bcd4e7057abc0ecc2956c0b16c4635f

Files

3b38854641eadad4a6b43c9bd264fac64bcd4e7057abc0ecc2956c0b16c4635f
.dll windows x86

655be6d4b6825ae7c96140c054e1ac0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExW

user32

GetKeyboardType

Exports

Exports

AssembleApplication
AssembleModule

Sections

.text
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE