3cdf07864a4803b95c74948a06170e2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cdf07864a4803b95c74948a06170e2a
Size

131KB
MD5

3cdf07864a4803b95c74948a06170e2a
SHA1

d2ace4534f6a437cc2d1a20924c3f421a62bf5e1
SHA256

3ab40dcc9e8c8f5a7c568a31331d9929571ac806e35d13ce6e40557e3ccb9d92
SHA512

a34c367c7819a026421ea39e7aad467d579d22a6eb46845a8b1f54553d7a8fdfb3ee73a5d4d79c2c1be9970d435ff529bc72c9d05f53c4bebddcab20c94b35a6
SSDEEP

1536:B0VRZHQdQRWCyxmHBNGJJdoOmoE9vvrt0:Bc2l3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cdf07864a4803b95c74948a06170e2a

Files

3cdf07864a4803b95c74948a06170e2a
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ