Static task: static1
Behavioral task: behavioral1
Sample: 3db636a478c20b1ab0e904da4d0c68b9.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 3db636a478c20b1ab0e904da4d0c68b9.exe
Resource: win10v2004-20231215-en
General
Target: 3db636a478c20b1ab0e904da4d0c68b9
Size: 220KB
MD5: 3db636a478c20b1ab0e904da4d0c68b9
SHA1: 1a41f0eed7ebf12b7343a462a4fab16596ac8034
SHA256: dba13d4cecd44dfcd69331701d6fdab3cca66c09e9c061dcf7f65eb881e8c6fa
SHA512: 7f9bb01138f4433bad509368ef2e378475699dd03161d34bbd84ebc890dce1f0e23bfb56b03461e0464d0bb5abaabd226d9e358f571e0a84609e3b467daaa87a
SSDEEP: 3072:ttCnFCqR8Ss361HRcaZ72fWXIxZXDXrj2kiCay8Rqrica9/aR2OJ+ndsX7v4qXx/:Ocq0361HRcf3VAjv3cCalDt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3db636a478c20b1ab0e904da4d0c68b9
Files
3db636a478c20b1ab0e904da4d0c68b9.exe windows:4 windows x86 arch:x86
1dac5d81dd928d6c9a7b0f761d44d830
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsDebuggerPresent
GetSystemRegistryQuota
OpenJobObjectA
HeapFree
LZOpenFileA
OpenSemaphoreA
HeapUnlock
GetFileSizeEx
VirtualAlloc
GetFullPathNameA
AllocConsole
GetTickCount
GetConsoleAliasExesLengthW
GetCommModemStatus
GetCommandLineW
InterlockedExchange
DeleteTimerQueueEx
GetVDMCurrentDirectories
GetVersionExA
SetFilePointer
CancelWaitableTimer
GetDiskFreeSpaceExA
GetProfileStringA
HeapAlloc
PurgeComm
GetProfileSectionA
WriteConsoleInputA
ws2_32
recv
Sections
.itext Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 196KB - Virtual size: 846KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ