036a4da9d4e1e7174d94d01d32b8c14aac466d47bbaf58ea105aaf8661b1b908

General

Target

036a4da9d4e1e7174d94d01d32b8c14aac466d47bbaf58ea105aaf8661b1b908
Size

463KB
MD5

014586b32945723a4e6c50a1e55abf16
SHA1

b63837d825efdc352e08601632422a7d4ccf182b
SHA256

036a4da9d4e1e7174d94d01d32b8c14aac466d47bbaf58ea105aaf8661b1b908
SHA512

7abe1476dce8f3d620a3a54df052a9e54354fe52cbe270c21a659e20e3e5dae8e94c513d2737735fc8bb3c684260165bc47d9e45bf2f4133f2f95b35e4e5f7e3
SSDEEP

12288:xfXBRtQwZ/PK3/MXmKtV4K0x4/GjuD5gweikfirZJtmj:xpbQwZnn96He5VeHfik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036a4da9d4e1e7174d94d01d32b8c14aac466d47bbaf58ea105aaf8661b1b908

Files

036a4da9d4e1e7174d94d01d32b8c14aac466d47bbaf58ea105aaf8661b1b908
.exe windows:4 windows x86 arch:x86

877e2e9846f335d976a11745a606bf27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
MultiByteToWideChar
SetHandleCount
GetCPInfo
GetProcAddress
SetLastError
HeapReAlloc
TlsFree
GetCommandLineA
HeapDestroy
GetCurrentProcessId
HeapAlloc
EnterCriticalSection
GetStartupInfoA
VirtualProtect
GetModuleHandleA
TlsAlloc
GlobalAddAtomW
GetVolumeInformationW
VirtualFree
GetStringTypeW
LCMapStringA
GetDateFormatA
IsValidLocale
TlsGetValue
DeleteCriticalSection
GetVersionExA
CompareStringA
MapViewOfFile
ExitProcess
GetTickCount
CommConfigDialogA
LCMapStringW
HeapFree
GetLastError
GetModuleFileNameA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
GetFileType
VirtualAlloc
CreateToolhelp32Snapshot
GetCurrentThread
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoA
GetStdHandle
GetTimeFormatA
WideCharToMultiByte
GetUserDefaultLCID
SetEnvironmentVariableA
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetLocaleInfoW
FreeEnvironmentStringsW
ReadConsoleOutputW
GetOEMCP
GetStringTypeA
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsSetValue
IsValidCodePage
EnumSystemLocalesA
GetSystemInfo
WriteFile
CompareStringW
LeaveCriticalSection
GetACP
GetTimeZoneInformation
GetPrivateProfileSectionA
InterlockedExchange
HeapSize
HeapCreate
GetEnvironmentStringsW

user32

SetWindowsHookW
GetSubMenu
DrawEdge
GetKeyboardLayoutNameA
SetWindowsHookExA
OpenIcon
DrawCaption
GetDCEx
ReleaseDC
GetWindowPlacement
TrackMouseEvent
SetWindowRgn
CreateMenu
InternalGetWindowText
GetMenuItemInfoA
DdeFreeStringHandle

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

877e2e9846f335d976a11745a606bf27

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 308KB - Virtual size: 308KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 308KB - Virtual size: 308KB

.rsrc
Size: 13KB - Virtual size: 12KB