36f7d94b47b10fd30a863f7d76bad3b9dc58a92f7a8f5c5ed9b72c87c8d2c7a5N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f7d94b47b10fd30a863f7d76bad3b9dc58a92f7a8f5c5ed9b72c87c8d2c7a5N
Size

680KB
MD5

1e680baa7309bda4d76c627333f2ccf0
SHA1

d73aceb1db04fcd02f01e448684466239908bbf1
SHA256

36f7d94b47b10fd30a863f7d76bad3b9dc58a92f7a8f5c5ed9b72c87c8d2c7a5
SHA512

2baace29a536ba9d12934ff697aaebbec30ab9fc6793a52a44661791ae2674ca52a3524a274e89310ae8ec9c07ba90ea0e2006ba785932b5f6df283c71d3747e
SSDEEP

12288:noyfJHIVUFZ/z9N9XSzsS3PP6yijYylek4FWgjGY5m2Cp:lH2UFZ/ziL6zdkFWvYvCp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f7d94b47b10fd30a863f7d76bad3b9dc58a92f7a8f5c5ed9b72c87c8d2c7a5N

Files

36f7d94b47b10fd30a863f7d76bad3b9dc58a92f7a8f5c5ed9b72c87c8d2c7a5N
.exe windows:4 windows x86 arch:x86

f4089733edef69e83069096af4922787

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
SetEvent
OpenProcess
OpenFileMappingW
LocalReAlloc
CreateMutexW
LoadLibraryExW
RaiseException
ExpandEnvironmentStringsW
Sleep
OutputDebugStringA
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFileTime
GetFileSize
HeapAlloc
GetProcessHeap
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 652KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ