Static task: static1
Behavioral task: behavioral1
Sample: 3788b5a443dae329973bd8d8d06a340b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3788b5a443dae329973bd8d8d06a340b.exe
Resource: win10v2004-20231222-en
General
Target: 3788b5a443dae329973bd8d8d06a340b
Size: 192KB
MD5: 3788b5a443dae329973bd8d8d06a340b
SHA1: f2d88eddad8df07f0c7fd344a5f73d8badb068e6
SHA256: e1307447d3518fcd0772da8adf67cb93a1abcc7cfb2b5f6f87e2334ae5d6f899
SHA512: fd44022b331307ea96e7990c906c5cafa0447ff569e589abb71ab9561e001ff650eb67d44bee23bb8f9d3f27c3a53fa228027078178f2a95c94a0ac7ae0365a9
SSDEEP: 3072:1/kWj801HkpeL86jmWPEzSsvHwnvppYbbxgacAN29B+7:1j84o6kEvpppdAN2a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3788b5a443dae329973bd8d8d06a340b
Files
3788b5a443dae329973bd8d8d06a340b.exe windows:4 windows x86 arch:x86
4af814e9bafe3981c9d23a8fc70f145a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
lstrcmpiW
Sleep
GetCommandLineA
lstrcmpiA
GetModuleHandleA
DeleteFileW
LoadLibraryW
GetTickCount
DeleteFileA
RemoveDirectoryA
GetStartupInfoA
IsDebuggerPresent
GetCurrentProcessId
GetUserDefaultLangID
CopyFileA
GlobalFindAtomA
SetCurrentDirectoryA
GetWindowsDirectoryA
MulDiv
QueryPerformanceCounter
lstrcmpA
GetLastError
GetProcessHeap
GetConsoleOutputCP
GetACP
GetDriveTypeA
VirtualAlloc
GetCurrentThread
GetOEMCP
GetVersion
GetCommandLineW
lstrlenA
GetThreadLocale
GlobalFindAtomW
GetCurrentThreadId
lstrlenW
user32
GetSystemMetrics
CharNextA
GetDC
GetDesktopWindow
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 110KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ