3b3ad67926ba8c967d062e92fa0634b0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b3ad67926ba8c967d062e92fa0634b0N.exe
Size

28KB
MD5

3b3ad67926ba8c967d062e92fa0634b0
SHA1

b4fe728fd64a53072075bac6cca6d8d6fdda43a8
SHA256

e8ed8e6eaccb337c6fadb3c9f41a9c001ccf8be1abb9b8bca1096db51ea81294
SHA512

e489dd354a5ee6430e84cc9c92bd9d03826dc20b838cba2640c48e6729160a72fa8ce0483d5f93856e3a0dc793c6ebf300bbe37f2e6901a2001b5a704f0a7921
SSDEEP

384:0xPFKmMDb8SRa775W1caUfnb+X1mI+GvlYjf/2cpGNJaOdk3KR7wbWalxPQMkCqm:OkDgl72caUfAEIBYifNJ3R85rNa9YTKO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b3ad67926ba8c967d062e92fa0634b0N.exe

Files

3b3ad67926ba8c967d062e92fa0634b0N.exe
.sys windows:3 windows x86 arch:x86

ed1f1f7bd981c78cb1c478be6b84692f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

scsiport.sys

ScsiPortGetPhysicalAddress
ScsiPortWritePortUchar
ScsiPortLogError
ScsiPortInitialize
ScsiPortSetBusDataByOffset
ScsiPortGetBusData
ScsiPortReadPortUchar
ScsiPortGetUncachedExtension
ScsiPortGetDeviceBase
ScsiPortNotification
ScsiPortGetSrb
ScsiPortMoveMemory
ScsiPortCompleteRequest

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 960B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 704B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ