3db72b8cee59695d29a68be9c58cb82c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3db72b8cee59695d29a68be9c58cb82c
Size

36KB
MD5

3db72b8cee59695d29a68be9c58cb82c
SHA1

88b2aeb6c37698928bbddff1fa5af6a5ea57c68b
SHA256

e5cc055c0a11403aa8af8c70ff1f5c0f0879cfba4b2f13381724f0a09294c5cb
SHA512

79394c3afa0da9a03ee7f69a2dc188f3daf48840b76f9bf6a132d70b5761c1156623875e10f59198ace16c428892694de835026b45db3a1aee75032dc991150f
SSDEEP

768:ygP4hUoiZoVv0OxoU+cO97vxRq7Nty1VR:Zbo50OxoUe9TPktEVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3db72b8cee59695d29a68be9c58cb82c

Files

3db72b8cee59695d29a68be9c58cb82c
.exe windows:4 windows x86 arch:x86

4b84f391d7faa76c9eb2f3c353e1a146

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
GetCurrentDirectoryW
CloseHandle
OpenProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetCurrentProcessId
WriteProcessMemory
VirtualAllocEx
Sleep
CreateFileA
GetConsoleMode
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLastError
FlushFileBuffers
SetFilePointer
SetStdHandle
ReadConsoleInputA
SetConsoleMode
WriteConsoleA

psapi

EnumProcessModules
GetModuleBaseNameW
EnumProcesses

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE