3af6e599be9a44b3ecb0609fabb47041 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3af6e599be9a44b3ecb0609fabb47041
Size

46KB
MD5

3af6e599be9a44b3ecb0609fabb47041
SHA1

007cc800f75600acb14e0d7668c1804a502d5699
SHA256

da197efa04d9d6d6994af4fa1c0717a412f075c9cf11bc534aa370866d7474d9
SHA512

e8c4beb6e67ac0e74a9dd42702bd6e09c1330246a1a0c8d88f5d50ccd3451f226bca4ba2b51d265a0d6907f79bb233cc292bf7ae5749f0fc5ae4e34a72dba0e3
SSDEEP

768:O8/rAg47xqmwy0Va9HRxQDUkP2WGm06XK6mvonUNoGnEnmYQJuz/wORit1RyWRJ:OkVy0ofxcvuWX8CF1QIEOCbyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af6e599be9a44b3ecb0609fabb47041

Files

3af6e599be9a44b3ecb0609fabb47041
.exe windows:5 windows x86 arch:x86

88849731373ff571644a6c890898ed10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
CryptReleaseContext
RegQueryValueExA
CryptGetHashParam
DuplicateTokenEx
RegDeleteValueA
RegCloseKey

shlwapi

StrStrW
SHDeleteKeyA
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
wvnsprintfA
PathCombineW
wnsprintfW
wnsprintfA
wvnsprintfW

Sections

.crqx
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rqb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dsh
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ