003677b5c976ec6414f839bf5ec444dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

003677b5c976ec6414f839bf5ec444dd
Size

156KB
MD5

003677b5c976ec6414f839bf5ec444dd
SHA1

81106d8402544e6d93d5bd63ced175bc144f4d27
SHA256

e69f169e7859fb1d7c334619a1cf3167fc2cd7439a1510a291a51ac4542b183e
SHA512

c66705e964ca77e0ef7dfa44be0ca5bf5eda829625b673773439e752b2d82599b6424c1fb535faa74d38449ea044dfe986ca19a09bd5e6a56e9aedb6ac19eba0
SSDEEP

3072:L//VE9GYqlQhexsNWpvRvtGIcQNqCyAO2YZs2TK39uvs:7/Vz3lQheu8HP9h1d25v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
003677b5c976ec6414f839bf5ec444dd

Files

003677b5c976ec6414f839bf5ec444dd
.exe windows:4 windows x86 arch:x86

4ba20fca372ac6a1e22023703788718e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitCommEvent
SetComputerNameExW
SetConsoleKeyShortcuts
FreeEnvironmentStringsW
GetPrivateProfileIntW
GetTempPathW
ContinueDebugEvent
AssignProcessToJobObject
EnumSystemCodePagesA
SetThreadLocale
ResetWriteWatch
GetExitCodeThread
UpdateResourceA
HeapCompact
QueryInformationJobObject
IsValidLocale
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 8KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ