3d44e0cbae66532740fe94c84aff4937 | Triage

Sharing

General

Target

3d44e0cbae66532740fe94c84aff4937
Size

48KB
MD5

3d44e0cbae66532740fe94c84aff4937
SHA1

4b2bcfb9fcecb9d9dddac3f4bb79b5df6beafa00
SHA256

c45e538a36b5163092623e42374454082130630f14a170be8a09572d79c45924
SHA512

f26156da4a9035b8945c062ffafd6ffcff7c8b819236e52a8e6e0678546255758805de4506db7642e87ca7331c5f0255ac7df01da4fd1e563e27e7e799e8b2fd
SSDEEP

1536:EyT+oYMPewxpSLkrN/n/8INxa1bKyDrHYC0C6:EyT+oTPewfxNH8INyb54T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d44e0cbae66532740fe94c84aff4937

Files

3d44e0cbae66532740fe94c84aff4937
.exe windows:5 windows x86 arch:x86

06eec78eba36c8f63248924a4f93dcfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
RegQueryValueExA
CryptReleaseContext
CryptGetHashParam
RegCloseKey
RegDeleteValueA
CryptCreateHash

shlwapi

StrCmpNIA
SHDeleteKeyA
PathRemoveFileSpecW
wnsprintfW
wnsprintfA
PathMatchSpecW
StrStrW
StrCmpNIW
wvnsprintfW
wvnsprintfA
PathCombineW
PathFileExistsW
PathFindFileNameW

Sections

.shihij
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jur
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfqb
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ