336bc599c4ab70fe1e36913f9217b1081b935f5a0333d22239d837de694ab3aa[.]exe | Triage

Sharing

General

Target

336bc599c4ab70fe1e36913f9217b1081b935f5a0333d22239d837de694ab3aa.exe
Size

48KB
MD5

cb6c38c569fb8a194636dcbca81f28c7
SHA1

99d990f912c3f564fc532ce3c74daf21344b5b3e
SHA256

336bc599c4ab70fe1e36913f9217b1081b935f5a0333d22239d837de694ab3aa
SHA512

68496a96359529b4ac5c89dd92fc64334b637bd962f2946680e62a1a134de06eb25407b9ccb6e5de751378cc2d8bebfa051e16e8db67937679cf5d09a8c822e5
SSDEEP

384:9AWIuHHYOrctnncLe45nQfrk8/jhiJzVSd0gGRJq/JyChhtl5BAix8Gz7QnYPLo5:9AlVOr2whNVSAFo7Q1VVPLLa0BdJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
336bc599c4ab70fe1e36913f9217b1081b935f5a0333d22239d837de694ab3aa.exe

Files

336bc599c4ab70fe1e36913f9217b1081b935f5a0333d22239d837de694ab3aa.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\mysink\VS2008\Projects\RemoveCredentialProvider\RemoveCredentialProvider\obj\Release\RemoveCredentialProvider.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ