03d56f8326569f3411b5f139eb4d963e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03d56f8326569f3411b5f139eb4d963e
Size

48KB
MD5

03d56f8326569f3411b5f139eb4d963e
SHA1

b37fc4296c945628235c49949207e1691f30b52b
SHA256

2f307ebe4fc25a75796344a22dd1a0f6b77ce570469a4e7a46f1237e7eccb6d3
SHA512

5f2a3af3816fee700b697e35f0b1143960613abbd9a464d994dac8ccee6fb0700541f33d10fe4b40379e25cb4c46f2a575b8198b2f7673667120bab4f28e86d6
SSDEEP

768:jbULaTU1XrX96OVjSgz7Ta/p9ktA38AJgpe0QNPCbN01vA40KgfhME:jbULaTUVt6OYgU9GAsA6s0wPC053yhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03d56f8326569f3411b5f139eb4d963e

Files

03d56f8326569f3411b5f139eb4d963e
.exe windows:5 windows x86 arch:x86

321d3dbf3597cfd3edfd687aedc5917d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
RegDeleteValueA

kernel32

FindResourceW

shlwapi

PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
CloseDesktop
ExitWindowsEx
GetCursorPos
GetIconInfo
GetMessageA
GetWindowLongA
OpenWindowStationA
PeekMessageA
SetThreadDesktop

Sections

.fcr
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kfatid
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hkb
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ