Static task: static1
Behavioral task: behavioral1
  Sample: 3d046c6629d728dee2555c12c1eecac6.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 3d046c6629d728dee2555c12c1eecac6.exe
  Resource: win10v2004-20231222-en
General
Target: 3d046c6629d728dee2555c12c1eecac6
Size: 188KB
MD5: 3d046c6629d728dee2555c12c1eecac6
SHA1: d6abcc9c348156c1b9763266a932b349defbe690
SHA256: dc2278ada58130b867ad94eec59bc4d2ca4f48ade7a931864d3de068b96826e5
SHA512: e24447faaeb35432b40244ebfae259c76b1532a4fb953501fa4a97aac50264d297beb818ecea52744d35c49c3829049b87d0319da52f27dfc92ca6df95149f24
SSDEEP: 3072:+hmlOOxn9XQ9U47J6xgql6SrAPnEYy6aUaaMGYNId8RD/PMJUm3k+Pcr7473xQls:0mlOOHV4+gcCfvtasHQIHcYFQfSf
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 3d046c6629d728dee2555c12c1eecac6
Files
3d046c6629d728dee2555c12c1eecac6.exe windows:4 windows x86 arch:x86
c13c72fa1e908e738853535529fd4b78
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
shell32: CommandLineToArgvW
shlwapi: StrStrW
kernel32: lstrcmpiW, GetCommandLineW, CloseHandle, GetExitCodeProcess, WaitForSingleObject, CreateProcessW, CopyFileW, DeleteFileW, GetLastError, EnumResourceNamesW, LocalFree, lstrlenW, GetModuleFileNameW, RemoveDirectoryW, CreateDirectoryW, GetLongPathNameW, GetTempFileNameW, GetTempPathW, ExitProcess, GetModuleHandleW, FindResourceW, SizeofResource, WriteFile, CreateFileW, LockResource, LoadResource, lstrcatW
advapi32: RegSetValueExW, RegOpenKeyExW, RegQueryValueExW, RegCloseKey
Sections
.text Size: 6KB - Virtual size: 5KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4B
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 23.4MB - Virtual size: 23.4MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ