Static task: static1
Behavioral task: behavioral1
Sample: 3dbc7301210177c294894ce4177bfaf5.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3dbc7301210177c294894ce4177bfaf5.exe
Resource: win10v2004-20231215-en
General
Target: 3dbc7301210177c294894ce4177bfaf5
Size: 34KB
MD5: 3dbc7301210177c294894ce4177bfaf5
SHA1: 55823c8c5a631f11860b739d8cdcfe3fc26cf0ae
SHA256: 933fce7ea66f4c1775cc87f42866888dcb44393fbea41e45c863e6790d6ec315
SHA512: 0a487dfc598048daf3e1e82355945c643e8ec2e3cb59c5a6366b6ea6d6c23b7ccb57b9d752f7683fe0b74cd5591935aecd3507c15fd1a02c14046d32a0c3817e
SSDEEP: 768:cS5VWor2k5Ul7YV7+1eFcwQz76qnoKlda+8xk0km:cRo27YVK1QQzuKXaHk9
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 3dbc7301210177c294894ce4177bfaf5
Files
3dbc7301210177c294894ce4177bfaf5.exe windows:1 windows x86 arch:x86
18cf68b4786edd3f6643647fa569774b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
GetTickCount
lstrcatA
GetStartupInfoA
InterlockedExchange
GetStringTypeA
GetDriveTypeA
Sleep
GetConsoleCP
HeapCreate
HeapAlloc
SetFilePointer
GetModuleHandleA
GetCurrentProcess
FreeEnvironmentStringsW
ExitProcess
ResumeThread
msvcrt
memcpy
_endthread
__setusermatherr
_acmdln
_exit
strncat
_cgetws
_adjust_fdiv
__p__commode
_XcptFilter
_eof
log
_c_exit
_strtoi64
_initterm
memcmp
_controlfp
fputc
__set_app_type
__getmainargs
exit
_except_handler3
_mktemp
__p__fmode
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 85B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ