3bb9540039e411bae67403b78822d19c | Triage

Sharing

General

Target

3bb9540039e411bae67403b78822d19c
Size

145KB
MD5

3bb9540039e411bae67403b78822d19c
SHA1

8bfc3de61dad1907f1d8b9a3706f33eab645166d
SHA256

d3af14f71b89cdd01193472f1004027cbffc660636e022e3f5115f537639678e
SHA512

3565b9e00c20d03039ad4618d559d1cba4cc7910731968d49f0b293e9aab655e431fe984c07825f2009a0609dc25935dfec2db0806a4d21d3816f390cffbc47e
SSDEEP

1536:cOSYU3r+cWfG0mQnt2mET7/DdfEd5N5KKb392MrqxUnsEM2dXJILlUzuTpHplWOY:gYGhQeTlfEH395rqPkdKtH5c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb9540039e411bae67403b78822d19c

Files

3bb9540039e411bae67403b78822d19c
.exe windows:5 windows x86 arch:x86

e768b9f164f10b5311273f318e5a7e7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
HeapFree
CopyFileA
ReadFile
lstrlenA
OpenFile
HeapAlloc
GetCommandLineA
lstrcmpA
FindClose
GlobalFree
OpenFileMappingA
FlushFileBuffers
DeleteFileW
GetFileTime
lstrcatA
DeleteFileA
ExitProcess
CopyFileExA

advapi32

RegOpenKeyA
RegEnumValueA
RegEnumKeyW

user32

CloseWindow
GetCursor
CopyRect
GetWindowTextLengthA

Sections

.0d7g
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.084b1
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fg44
Size: 97KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h1eh
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ag1h
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE