3b7674f11024eee37a1d04f732d45ca0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b7674f11024eee37a1d04f732d45ca0
Size

41KB
MD5

3b7674f11024eee37a1d04f732d45ca0
SHA1

c5f9a085e9ecbaa810577d695d0ab0a3db898a04
SHA256

340956834d80d499902986936ae91f7111239ab300f5052f4b41f8584f50c40a
SHA512

057df76a340f773bdcbcee6cdeef5e11e6a62c454d087c09e742f5eec745e781cf811e3b15532086ef2af8d641e5057b0e21c3808341cd9fc3fb54b6d61c8e85
SSDEEP

384:VHyypu0tkWw75wROS7ZyqjnVXJpsRzHaUDnx9Rv75KA9/BRQftByB0tFi0AwlCna:VHanwROS8w61vx75LBRVdtna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b7674f11024eee37a1d04f732d45ca0

Files

3b7674f11024eee37a1d04f732d45ca0
.exe windows:4 windows x86 arch:x86

8c1bd8fea2786dc4976a1ff75a414bfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
WriteProcessMemory
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualAllocEx
OpenProcess
GetModuleFileNameA
CloseHandle
Process32First
CreateToolhelp32Snapshot
CreateProcessA
CreateDirectoryA
GetTickCount
GetWindowsDirectoryA
GetSystemDirectoryA
Process32Next

user32

MessageBoxA

advapi32

RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

msvcrt

rand
?terminate@@YAXXZ
_except_handler3
sprintf
strrchr
fgetc
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
fwrite
_stricmp
srand
fread
ftell
fseek
fopen
__CxxFrameHandler

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ