36db96086fea812521ba525c5c7909d12365b658df81f6d8c68577bd867c9510 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36db96086fea812521ba525c5c7909d12365b658df81f6d8c68577bd867c9510
Size

8KB
MD5

4adbdea2108a0959f2bb6f65ff27ecbb
SHA1

cae7a23f391e579b63461fae32726785e28f16a8
SHA256

36db96086fea812521ba525c5c7909d12365b658df81f6d8c68577bd867c9510
SHA512

bdec52f552ac24625417e8cf5aa9c061e21e016550eec1b850912d90b2da43332cb0912ce10dd012d4464ab6ad43e1a6179bd1c3925f8beb4c41094c77a1e0c5
SSDEEP

192:sLHBKpbUD5jKXvR82N6K5xAhQSAhaU398izTciQbjuPXZcb7:ssbUFKXyXKMhQ79Nz4RoWb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36db96086fea812521ba525c5c7909d12365b658df81f6d8c68577bd867c9510

Files

36db96086fea812521ba525c5c7909d12365b658df81f6d8c68577bd867c9510
.dll windows:5 windows x86 arch:x86

bab287abd34888be50035187199a1350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
WriteFile
Sleep
ReadFile
GetProcAddress
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CloseHandle
GetTempPathA
CreateThread

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ