Sample: 3b3b94b72bf19be113f1b96bd80f047f.exe
Resource: win7-20231215-en
General
Target: 3b3b94b72bf19be113f1b96bd80f047f
Size: 50KB
MD5: 3b3b94b72bf19be113f1b96bd80f047f
SHA1: 9c2d00e1c734ea0cb5b16c362155dc14fa1af32b
SHA256: 72a352c0831ff3ed160e4e53085ee8e57adbe295682cff6ea4d1f9a3300d4bdd
SHA512: 552d9b7ba1f9d28aea0b17fd1e4d4db1472d33590b8c235ce4b81cbf066178e1ecc815d60bd170dd75a49ac5350bf0c546ede83f8959d2021fd50861f05abe6c
SSDEEP: 768:90/jTMEvOrA4PgYyF5baWICmfw0avu0gfkDOKEs60O+aDs0vqDBiweg9pedJ:a7vV4PgNTZICmfwRgDs6EaDsTE1g9IdJ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 3b3b94b72bf19be113f1b96bd80f047f
Files
3b3b94b72bf19be113f1b96bd80f047f.exe windows:4 windows x86 arch:x86
a95bb815618bc233346807b623526ac3
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetModuleHandleA
  GetProcAddress
  GetStartupInfoA
advapi32
  RegOpenKeyExA
msvcrt
  _exit
  _XcptFilter
  exit
  _acmdln
  __getmainargs
  calloc
  __setusermatherr
  _adjust_fdiv
  __p__commode
  __p__fmode
  __set_app_type
  _except_handler3
  _controlfp
  _initterm
Sections
.text Size: 5KB - Virtual size: 4KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 572B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 41KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ