3e9bebadffd06ec0354dc80d31b4f29e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e9bebadffd06ec0354dc80d31b4f29e
Size

228KB
MD5

3e9bebadffd06ec0354dc80d31b4f29e
SHA1

2f376acceea83a3c3ec91888fe1743fe08576c0a
SHA256

322f39265e41835d2dead0c75c0e33418ba009c1daf9698567efe709fa22669a
SHA512

a8563f089abc9f699abdb2ac5adf912e8faa7e26f458e6500e33d131c83fbaf570facc6ef726dadb3c760d155f2d284f7f0668d8e738670d6a76528da8d0330d
SSDEEP

6144:byAyRa5qY+8b4ADQTGAZ0bXShkTEKTQht3Hje34:byAy/N8b4QXAZUShLKTit3O4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e9bebadffd06ec0354dc80d31b4f29e

Files

3e9bebadffd06ec0354dc80d31b4f29e
.exe windows:4 windows x86 arch:x86

dbb4c9131fe832a68bd8e4c0ed4cf248

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
ExitProcess
CreateFileA
CloseHandle
LCMapStringA
LoadLibraryA

user32

CreateWindowExA
CloseWindow
SetWindowLongA
CharLowerBuffA
wsprintfA

advapi32

RegEnumValueA
RegDeleteKeyA
RegQueryValueA
RegDeleteValueA
RegCloseKey
RegSetValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ