3076ddcf791e3b63414c684c6ff8cee2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3076ddcf791e3b63414c684c6ff8cee2
Size

120KB
MD5

3076ddcf791e3b63414c684c6ff8cee2
SHA1

a15b452fead1bed5d8977732391288840aaba5d0
SHA256

602858d25c7dbb3c03f5bb4ed80c54c7b1011ca802bde6932c1442537cf5acf3
SHA512

4a1daa17c1e588543e5f13a1410b4d1dd00bbac97e361b01e1b41190373002e4753c523ccc443435ea1ed3415d37c197d9abb42995bb1f7c41b472f58105843f
SSDEEP

3072:ccDsWA8kXDAX2YAVvc09v4HYLFk8jwaaHw7Koj4rrxvtzpMo:FwWAbXN5VE0yYWzV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3076ddcf791e3b63414c684c6ff8cee2

Files

3076ddcf791e3b63414c684c6ff8cee2
.exe windows:65535 windows x86 arch:x86

f88cc8576d13de0c893657d969bdc379

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
SetConsoleOutputCP

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegFlushKey
RegConnectRegistryA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE