736418e3887e9832ecf7418d1847f92f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

736418e3887e9832ecf7418d1847f92f
Size

636KB
MD5

736418e3887e9832ecf7418d1847f92f
SHA1

83503effd75b536bc9c93bc90bcf1c1e48594c72
SHA256

e676b00b911a53a9acfe1bc0a17fdf08bb3468ac0c344342b953428b63784ee1
SHA512

1fd3e875e4a6a10eda74c3c703852b0d5b8b2f1bff220fd17f82e31b7d86285d2b15a6d983acccb6c802075a32ad1065187257aba82beb3f95325092154d4c63
SSDEEP

12288:YmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:YIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
736418e3887e9832ecf7418d1847f92f

Files

736418e3887e9832ecf7418d1847f92f
.exe windows:4 windows x86 arch:x86

8dd3f42a102bf9f162d91b6c499b215b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
SetLastError
WaitForSingleObject
GetConsoleDisplayMode
GetVersion
GetAtomNameA
VirtualProtect
InterlockedExchange
LoadLibraryExA
GetSystemTime
WaitForSingleObject
GlobalSize
GetModuleHandleA
lstrlenA
GetConsoleCP
GetCommandLineA
GetACP
HeapCreate
ResumeThread
HeapReAlloc
LocalLock

user32

SetForegroundWindow
CreateIcon
GetCursorPos
GetTitleBarInfo
wsprintfA
BeginPaint
AnyPopup
EndPaint
DrawTextA
DragDetect
GetClassNameA
FrameRect
GetFocus
ShowWindow
GetWindow
GetDC
ReleaseDC
FillRect
GetParent

ntshrui

SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
DllCanUnloadNow
DllGetClassObject

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ