036e84552762794e572f14bfd751e922 | Triage

Sharing

General

Target

036e84552762794e572f14bfd751e922
Size

1.7MB
MD5

036e84552762794e572f14bfd751e922
SHA1

8f18f9fdd08519dc3aed19d5f8ae19e5062bff29
SHA256

96157cfc41ae7cddb20837314a0ea960e0b86e1249aa88be72c0e2c399eed1ed
SHA512

bd83019911381e8a0eb827f661a5e93ae1179a1c21b28dd42cec0b8f1659f6bf612e1fbb514d9caa363b0363921e1b0324d8355df9e5f38c2e9f65ddd1734a6b
SSDEEP

49152:I2jhBtMFLR9RzF2m8ar90uaPJnU9sSkq:I2jhfMFL1F2m8acPJnisSb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036e84552762794e572f14bfd751e922

Files

036e84552762794e572f14bfd751e922
.exe windows:1 windows x86 arch:x86

dbbceac39f5975d959814fd9c7244aa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrcatA
_lcreat
_lwrite
_lclose
ExitProcess

shell32

ShellExecuteA

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ