Static task
static1
Behavioral task
behavioral1
Sample
003c5e48972500d8675638a15d340325.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
003c5e48972500d8675638a15d340325.exe
Resource
win10v2004-20231215-en
General
Target
003c5e48972500d8675638a15d340325
Size
68KB
MD5
003c5e48972500d8675638a15d340325
SHA1
4b5c9909bfb25f61463c5fbbeae39a64807ac35c
SHA256
7edd3c36afb375117f301ca66d4ec106a63679eea85b2ccf983ed0415ee6d8eb
SHA512
9f41753d53e7ee7d0ed2e2273ae0de6acffed9ac01ef19ccb4a3482350d4f54aa35dfbe01eadf5a3fae70462bd7f964c6a3bde4fd43872e6a88e8aa22775d178
SSDEEP
768:5jcVhWSr8szyJBXUkyzf0/wuArfYwOM1H2dtcPVON1ykhcTga4yfKbNgzdr5qglD:u4lJBXpd/nArfY3M+Py/Cc3ValvnRCj
Malware Config
Signatures
Unsigned PE 1 IoCs
The PE file has no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.
resource 003c5e48972500d8675638a15d340325
Files
003c5e48972500d8675638a15d340325.exe windows:4 windows x86 arch:x86
de02015cceda1af9860a4e07d9750fcb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
msvcrt
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
printf
atol
memset
srand
rand
strlen
malloc
strcpy
__setusermatherr
kernel32
GetStartupInfoA
ExitProcess
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetCommandLineA
CreateProcessA
lstrcmpA
Sections
.text Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ