36cbd1594a01fbb626fc9098d71eb2e0

General

Target

36cbd1594a01fbb626fc9098d71eb2e0
Size

41KB
MD5

36cbd1594a01fbb626fc9098d71eb2e0
SHA1

cd1bd522526abc301889e4b95fdd01c5fe4ff39c
SHA256

3c2d8af07f63e6caf96373bbaa8fd7659e35352218a043dd3629b2f49e72b945
SHA512

d7e3e084f18429ade4ebc7ce08de6aedead2166176cb76cf5d48f32b8c465a3c885e600318d9567d095d201861a74c20e4a4fc4820984238b89159adaf2a39a0
SSDEEP

768:+adJ6G8b1ibjBlPdTYdTNOzjKzScm1uCCFOjeg1GMKr:7J6fajBDTYGzjL1x0OpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36cbd1594a01fbb626fc9098d71eb2e0

Files

36cbd1594a01fbb626fc9098d71eb2e0
.exe windows:4 windows x86 arch:x86

fa00505736bbdfa9ed91fcb03261b034

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBW
CreateToolhelp32Snapshot
DebugActiveProcess
DeleteCriticalSection
DisconnectNamedPipe
EnumResourceTypesA
ExitProcess
GetCommProperties
GetCompressedFileSizeA
GetLogicalDrives
GetLongPathNameA
GetModuleHandleA
GetNumberFormatA
GetSystemInfo
GetThreadLocale
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
IsSystemResumeAutomatic
LocalCompact
LocalFlags
PeekConsoleInputA
SetCommMask
SetComputerNameA
SetLastError
UnlockFile
lstrcat

user32

ClipCursor
DdeAccessData
DdeQueryNextServer
DdeUnaccessData
DefMDIChildProcW
DrawStateA
EmptyClipboard
EnableWindow
EnumDesktopWindows
EnumDisplaySettingsA
GetAsyncKeyState
GetIconInfo
GetMenuContextHelpId
GetPriorityClipboardFormat
GetWindow
HiliteMenuItem
InsertMenuA
LoadBitmapA
OemKeyScan
PeekMessageW
RegisterClassW
SendMessageA
SetForegroundWindow
SetKeyboardState
SetMenu
UpdateWindow
VkKeyScanA
VkKeyScanExW
keybd_event

gdi32

CreateBitmap
CreatePenIndirect
Ellipse
EnumFontFamiliesExW
GdiFlush
GetBitmapBits
GetBkMode
GetCharWidthW
GetDIBColorTable
GetEnhMetaFilePaletteEntries
GetGlyphOutline
GetNearestColor
GetPath
GetRasterizerCaps
GetStockObject
PolyPolygon
PtVisible
RoundRect
SaveDC
SetTextCharacterExtra

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa00505736bbdfa9ed91fcb03261b034

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 40KB - Virtual size: 52KB

.rdata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 40KB - Virtual size: 52KB

.rdata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 12KB