3d11b7701f1e58eb6170e8ffa03909822a15cac59d29a035f0242570df2a196b | Triage

Sharing

General

Target

3d11b7701f1e58eb6170e8ffa03909822a15cac59d29a035f0242570df2a196b
Size

160KB
MD5

76f7eb2eaaefe3ac777718390ac16165
SHA1

bdcfbbffc7c58cf82aead37d0c6358f140420913
SHA256

3d11b7701f1e58eb6170e8ffa03909822a15cac59d29a035f0242570df2a196b
SHA512

2c664804ff14b4e09099a71512bcbf740865ded0a3dfcba4ea7104340fabed0867836cd007c6f2ce70be9a1464ba6b898477623c0f8e3b70aac37afd359344a2
SSDEEP

1536:tumYumkrSs8p387CtkAnC/5noigbHO3etJ6vFyaVwinywBxX7antKy:tCzj387Ctk1ojjOOf6vFyaiXwD7antKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d11b7701f1e58eb6170e8ffa03909822a15cac59d29a035f0242570df2a196b

Files

3d11b7701f1e58eb6170e8ffa03909822a15cac59d29a035f0242570df2a196b
.exe windows:4 windows x86 arch:x86

d196db5397675f4d9c6afcb04f1a44a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetExitCodeProcess
ReadFile
GetPrivateProfileIntA
GlobalAlloc
GetFileSizeEx
GetTickCount
CreateFileA
GetModuleFileNameA
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

user32

RegisterClassExA

msvcr80

_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
_XcptFilter
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
_crt_debugger_hook
_exit
_cexit
__getmainargs
_amsg_exit
?terminate@@YAXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
__setusermatherr

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ