d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f[.]exe | Triage

Sharing

General

Target

d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f.exe
Size

3.9MB
MD5

52a2ab6d4b61080c63af5cdc22e60167
SHA1

bd24085ca0f4f7c7115ec63131c359c9f51c151b
SHA256

d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f
SHA512

4446aacae4a2a0610cad24499eefcd068afbcb742bb3a1f47318ae1eda55f72c6c9eecca0ef68d7ae7a8f00ce5f2675e8d47a5b4e83a39d7d4195cb40c8270a4
SSDEEP

49152:zurUGf15tSmQGy8WtEStDw7LMu58jxuzLPzT4:TG1/Q5ESt07+WLH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f.exe

Files

d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f.exe
.exe windows:5 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vakkurrp
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

egbdqnrl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ