3d324079be47539bb25858e75e6e40dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d324079be47539bb25858e75e6e40dc
Size

140KB
MD5

3d324079be47539bb25858e75e6e40dc
SHA1

811d8d4d32bb383742ddedde004c134017f25e37
SHA256

28e7cd3719314fb7b8b72e9bcc47f4f2de39fa2bb73262801f97a68e9d73fb20
SHA512

20ed07b4f3d7d1a410ce80f5a43fd43e78edf699f166b7bb1826bbe6bcf61597f29e2b6d2e3ea7aa473c7b6267ddede2559c65596a31ea438390f48f3006b236
SSDEEP

3072:KNSMMfRY0NBQwcWA07nBy+nghqgBgg/Y2AiVQSzid85:KNSrS0NBQwXd75gBg72JQSzM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d324079be47539bb25858e75e6e40dc

Files

3d324079be47539bb25858e75e6e40dc
.exe windows:4 windows x86 arch:x86

6133a0c0198478e1e4c18060517ea867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
ExitProcess
GetFileAttributesA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
CloseHandle
lstrlenA
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
VirtualQuery
GetSystemDirectoryA
SetCurrentDirectoryA
WritePrivateProfileStringA
GetFullPathNameA

user32

wvsprintfA

advapi32

CloseServiceHandle
StartServiceA
CreateServiceA
OpenSCManagerA

shell32

DragAcceptFiles

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE