a36cf7ecceba9729b6ab8d42af7d1472 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a36cf7ecceba9729b6ab8d42af7d1472
Size

6KB
MD5

a36cf7ecceba9729b6ab8d42af7d1472
SHA1

fc692f55d10ec51fa49e23674752164e4fe71e55
SHA256

6491a346b8a0008d5437b2ccb2638901fd22c2904b1f7b57bca0e4049f8e6b8d
SHA512

c36bf49afb962fefabd45f9aeab2427b13e43998578fd46691cc3eda3822a11a3dceb98a2e3e127b7541d7cbd7b470f67b04ced01389ac0ddec7346bf5b4e832
SSDEEP

96:lM4P/7cNbFZ/bFYSJGZiJ2KF5Iq+Oz+q8JcpjBaEF7XHKlUiztvtV/R:37cNbFISJaiJ2KHmc3DF7XqbHV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a36cf7ecceba9729b6ab8d42af7d1472

Files

a36cf7ecceba9729b6ab8d42af7d1472
.exe windows:4 windows x86 arch:x86

48efd0ed4fc4e8994b943ece754c378f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
EnumSystemLocalesW
GetCurrencyFormatA
FindFirstFileA
FormatMessageA
OpenWaitableTimerA
GetProfileStringA

user32

CharNextExA
CharToOemBuffW
DlgDirListA
PeekMessageW
GetMonitorInfoW
CharNextExA

gdi32

RemoveFontResourceW
TextOutA
GetGlyphIndicesA
GetCharWidthA
GetOutlineTextMetricsA
GetKerningPairsW
GetTextFaceA

Sections

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 655B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ