0003b0c9d3c6a62ca5d7093f8bcbd970N[.]exe | Triage

Sharing

General

Target

0003b0c9d3c6a62ca5d7093f8bcbd970N.exe
Size

60KB
MD5

0003b0c9d3c6a62ca5d7093f8bcbd970
SHA1

0e8451e40fbc73366ccf3439debddf79c02ad9e6
SHA256

5b82fa13e2cb786c8d24724e47a20e164719c3e44ac5bdd1aeb0a4b269e23f85
SHA512

05667ff1be34d3947d4c9fd402f81e122437e6e65ab0dc82458fad9f67c13d600142f8a0962461ac0a7b9b4e10361773337a5281efc91b122e2e329f63ec86d3
SSDEEP

1536:agJIfjGhW1qmI1XlUxSY+A37feaCMJDmYsLIb4PvYqHB/AdGb:XImlUxSDADeak7dJHB/AdGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0003b0c9d3c6a62ca5d7093f8bcbd970N.exe

Files

0003b0c9d3c6a62ca5d7093f8bcbd970N.exe
.exe windows:4 windows x86 arch:x86

0161f46ddd296f831bb8ccf1347a0088

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
WritePrivateProfileStringA
GetAtomNameA
SetCurrentDirectoryA
GetModuleFileNameA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetSystemInfo

user32

PostMessageA
FindWindowA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE