326b64256ea0e8b6f1882a963f3a0f04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

326b64256ea0e8b6f1882a963f3a0f04
Size

134KB
MD5

326b64256ea0e8b6f1882a963f3a0f04
SHA1

4c483cd6e2049700381ab614c83a9ba53b66ff4c
SHA256

d47d25eceed04b6df90276b5a91f3e1e46d91d0b9ece902e1572ef6e72f1a47b
SHA512

b310c7cbc71a8e83970da691e88eaf8df4e708990654833b2c5dc211381f1dfa97e16026b4c573f9676cf734bc3bf3f7661ce7272bec020b07b20bbf21c8324e
SSDEEP

3072:aDvOP4f7DpIR/yYT0JgTVW+U33CUhP5StbtsHn:aDRXps/yYA0V833CUh5S1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326b64256ea0e8b6f1882a963f3a0f04

Files

326b64256ea0e8b6f1882a963f3a0f04
.exe windows:5 windows x86 arch:x86

e505dc7986748e5a67695c215f1a6e90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
VirtualAlloc

version

GetFileVersionInfoA

shell32

ExtractIconW
ShellExecuteW

ws2_32

WSAGetLastError

oleacc

LresultFromObject
CreateStdAccessibleObject

comdlg32

GetFileTitleW

comctl32

LBItemFromPt

Sections

.text
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE