LB3[.]exe | Triage

Sharing

General

Target

LB3.exe
Size

326KB
MD5

1984cd9797f1dec2991f810bb24fb3f2
SHA1

90483d94f68ed30cd07707121ca64ff1eba9559e
SHA256

077c86e8b7aefccb31a806dff5a93bbac17ac032db4b71bbb8df7a29a939e3f9
SHA512

6cf6cd14eae4375e82d79416028873eaae4c0378f4d5a409102ec7814a0d43bd8d701b5c5313a749dfbdbd663ee73c15ba8436bceb007b130003fe6594a2d799
SSDEEP

6144:wp/Y3gNmnjoF8nhN3HlzSu/0Gfc+zXiwa3oWcNTVmc8cJkXodPnB+woFD:wSgNmnjoF8Lcu/p1TyiNXadp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
LB3.exe

Files

LB3.exe
.exe windows:5 windows x86 arch:x86

d43bbd1f69898ad010795609515881a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW

user32

CreateMenu

advapi32

RegCloseKey

Sections

Size: - Virtual size: 168KB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE