036609906b4d803e14eb206c6f5895c5 | Triage

Sharing

General

Target

036609906b4d803e14eb206c6f5895c5
Size

133KB
MD5

036609906b4d803e14eb206c6f5895c5
SHA1

4e4cbb3660ac620f939d5130d5d862eaf3178793
SHA256

8331dc824003b1798abd3633ce52e8bd02da390b968c655ef4774d1459593988
SHA512

05cbc0f780bb5cf01cf4ed0a7725fe7c09432e266f4c16942c0b471ca2398efe08f3c54c3eee29513b0e275f748565c30d75cb3626a32efff87356f5fd272081
SSDEEP

3072:qnpc6QQivfiPiOTGWpVBDKy+xLG2KbwA0L+efw696LN:qpc6eHobTTBDKPK/efwm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036609906b4d803e14eb206c6f5895c5

Files

036609906b4d803e14eb206c6f5895c5
.exe windows:5 windows x86 arch:x86

4afd4e5f01c07b2143f83d6f6603a401

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpLogicalW
PathCompactPathExA
StrCmpNIA

kernel32

GetSystemDirectoryA
lstrlenW
GetModuleHandleW

Exports

Exports

?CoolerOptions@[SXH_KK]V
?GetImpersunt@[SXH_KK]V

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xsys
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ