383b92120c551163113324d4f410fbde[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

383b92120c551163113324d4f410fbde.exe
Size

50KB
MD5

383b92120c551163113324d4f410fbde
SHA1

ab5d93b016aa5066f455e077130d249e5fa102bc
SHA256

da5dbc5676fbed9119beaddf5d05b89d8d02379c96701a672cacf36381016153
SHA512

11ed538d6a6dca83d924162728df926d5382d08b6da39435ce1a20c9a7c1eb4660a54293215c4e3baf6817b11e5d80484f54250e63bd4327dc40825550d24334
SSDEEP

768:Y29LSmE+6/TDBQaJYHTgFKqiXPHc0FyrZa6reUOX5+Sp+fSq:b90tD6aJGgDWyrZNreUOpBKS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
383b92120c551163113324d4f410fbde.exe

Files

383b92120c551163113324d4f410fbde.exe
.exe windows:5 windows x86 arch:x86

4461412add2a4fc9f785c05cf3f3cd8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam
RegQueryValueExA

kernel32

FindClose

shlwapi

PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
wnsprintfW
wvnsprintfA

user32

CharLowerBuffA
CharUpperW
CloseWindowStation
ExitWindowsEx
FindWindowExA
GetClipboardData
GetDlgItemTextA
GetKeyState
MsgWaitForMultipleObjects
PeekMessageA
ToUnicode

Sections

.vqr
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zud
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsz
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ