34d38fb44e212349ad7808c67636bef1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34d38fb44e212349ad7808c67636bef1
Size

41KB
MD5

34d38fb44e212349ad7808c67636bef1
SHA1

966c0362237ac330131147b710238c3e1f973424
SHA256

e206cc75286665013fc3adcd111a087d3e043157fcdd83888354b30cdf1e59cb
SHA512

8ff006ebb900f2957469a5978124e169dd53f6a833fb261bd83cf54714eda7220f8f54048bd910830d1363f2999860221879dea2f83b4121e1004f0b36e95645
SSDEEP

192:zv22vnAnIa+//ICbePtKrvyxYRIqKhgiMHYMRg:z+2vnAnl+//IQsosqHYMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34d38fb44e212349ad7808c67636bef1

Files

34d38fb44e212349ad7808c67636bef1
.exe windows:4 windows x86 arch:x86

70afbc43974f3e0fdf922df093615187

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteFileA
SetFileAttributesA
GetLocalTime
GetCurrentProcess
Process32Next
OpenProcess
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetCurrentThread
GetVersionExA
Module32First
GetFileSize
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetFullPathNameA
CloseHandle
ReadFile
SetFilePointer
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
SetLastError
GetLastError
WriteFile

advapi32

OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

imagehlp

MapFileAndCheckSumA

msvcrt

_getch
_itoa
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
__CxxFrameHandler
__dllonexit
_onexit
strncmp

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE