Ku3d36P[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ku3d36P.exe
Size

1.1MB
MD5

9cce8b484e8d8b713ac8b7a0adbe7c92
SHA1

0fa63d87dd2d57f403d494ce4d0ee04c90afdd78
SHA256

2530a878479db73fe0ef0d1e33140c456bb6d79b7df2f66866d558ac39ddf4c3
SHA512

9ba015a05a663b5117dff0a9831cc082c4638fd2966878f48e29e2c066fdacc7ef30f3423e91eb6a534a0b39955d446898b5b52855730396facfda88495b79d5
SSDEEP

24576:Ces4hmkoAODnxcL/zUyrXXxOPK9n82xdgEUDuc5ncLW5R0ZZMNo:8RnxclXxDl8cgEUDucBcCzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ku3d36P.exe

Files

Ku3d36P.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ