3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3[.]exe | Triage

Sharing

General

Target

3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3.exe
Size

33KB
MD5

e5b42dd7efabacf213b0424c30e7ae8e
SHA1

f77548bd265bf7e742a37ddfa47b154a845a3567
SHA256

3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3
SHA512

ee79cf176c41424e0487571eb9d59c57a8e2544f1b9acbb6e15feccaf0eac441d6ff3a8825d5ad2d57e2b106ab65e78007fc65d9cb95136b1c6904da9822adb2
SSDEEP

768:0fVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7DF:0fVRztyHo8QNHTk0qE5fslvN/956qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3.exe

Files

3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3.exe
.exe windows:4 windows x86 arch:x86

86af082a0a719298fcaba0f2624e072d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wininet

InternetOpenW

shlwapi

StrStrIW

user32

SetParent

advapi32

RegCloseKey

shell32

SHGetFolderPathW

ole32

CoInitialize

oleaut32

SysFreeString

Sections

.MPRESS1
Size: 29KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE