36f4dc642957c055901bbac59f57b680N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f4dc642957c055901bbac59f57b680N.exe
Size

4KB
MD5

36f4dc642957c055901bbac59f57b680
SHA1

039c34f6ff7c7379a4caf98953a8859c4312e221
SHA256

215529150c556b1bfe05567aaf11016b09142c9b6cf56f9563f5db975b009b30
SHA512

68bb41c4469fe37a2342d5da4bbb681b7c6cb982d39855d73738e97cdbcd79d3ed9fd9a7d29d27257ef41e86fabcb98ff2cb599c39387645126a7fc93199ce9f
SSDEEP

96:Y0FDPe778ZW07ZbqYcfnp3GIC6amYnKyr:Y0te778cmmYYp25Dnb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f4dc642957c055901bbac59f57b680N.exe

Files

36f4dc642957c055901bbac59f57b680N.exe
.exe windows:5 windows x86 arch:x86

6ca37e5e41278ceac6bd8157d469b53e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wininet

InternetOpenW

user32

wsprintfW

shell32

ShellExecuteW

Sections

.MPRESS1
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE