Static task: static1
Behavioral task: behavioral1
Sample: b3f5a3de31c7f06b5e776711157adea7.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: b3f5a3de31c7f06b5e776711157adea7.exe
Resource: win10v2004-20240226-en
General
Target: b3f5a3de31c7f06b5e776711157adea7
Size: 14KB
MD5: b3f5a3de31c7f06b5e776711157adea7
SHA1: 39f8769c8861567986cbe84c8b3946c9682f1779
SHA256: 4d342587cf383e16b95857be554861686ed00ffde8bde8673c9397460aeb6b54
SHA512: c105b956819b035655df7a996d6680b829e676a3695d17d56e3cb56e35904d58e1eda14a2fbaf08346098d8cf8f2629fd964551b14be27b7e8cac8fc7d6d8478
SSDEEP: 384:m5kctqhiIuP6jLvdoig0jxtQ/cSjsL2dI1alCUK:m6ctqhBBLe1/cSjsLv1a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b3f5a3de31c7f06b5e776711157adea7
Files
b3f5a3de31c7f06b5e776711157adea7.exe windows:4 windows x86 arch:x86
83f40a4a5df2065a563e2e8b1d291e7b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
HeapFree
GetProcessHeap
GetFileAttributesA
CloseHandle
GetProcAddress
SetFilePointer
CreateFileA
lstrlenA
GetModuleFileNameA
PulseEvent
LoadLibraryA
lstrcpyA
CreateEventA
WaitForSingleObject
SetEvent
WriteFile
ExitThread
GetVersionExA
CreateThread
GetTempPathA
ReadFile
ExitProcess
lstrcatA
user32
SetThreadDesktop
ShowWindow
PeekMessageA
CreateWindowExA
TranslateMessage
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
wsprintfA
GetDesktopWindow
DispatchMessageA
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ