34a6ccfd4d37cd771b2c24e5d86bb1c0N[.]exe | Triage

Sharing

General

Target

34a6ccfd4d37cd771b2c24e5d86bb1c0N.exe
Size

19KB
MD5

34a6ccfd4d37cd771b2c24e5d86bb1c0
SHA1

b3cc55ab524c950752338b1fb06cb37b7431e162
SHA256

9c1114a40c2895cb8f688fd33a11ce21a878503925bb329d523a96d50a5f160a
SHA512

f80045dac7b2ffd01d0dbd2f4aa70e3cef2a0ff4a546a25408f6ce2c4f58c2ab2f58c73ff26e827f90741dd25fd0ecc6e25eeae610b6d5928e1a2a775e0462e8
SSDEEP

384:8QZqSstnLmJ1d6dzkT8OwNrSfB73TtWMiS2R3Xbr17vvxlL:xqSsE1EdgT8rgDtWfSW3Lx7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a6ccfd4d37cd771b2c24e5d86bb1c0N.exe

Files

34a6ccfd4d37cd771b2c24e5d86bb1c0N.exe
.exe windows:5 windows x86 arch:x86

7bef13f58538df84f5270fe7542e9811

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetTimer

shell32

ShellExecuteExW

ole32

CoInitializeEx

psapi

GetModuleBaseNameW

shlwapi

StrStrNIW

ntdll

memset

advapi32

RegFlushKey

Sections

.MPRESS1
Size: 15KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE