03368199[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

03368199.exe
Size

328KB
MD5

7b36ed86d27bfee50eaa7045e611b84a
SHA1

8a636ec2650836a83a5a66dcc3f6e11745c016f3
SHA256

8a259965e48e8eee6dcdc87f76daa150f25999e66f7d498357bf796709c61c67
SHA512

f14b46218411fc609788162d0a3789972a75ea6af6f38d6bff81779486c9e8434e9cffb31bc76ca85ff92b73321b455dbfe8cbe18b35c70acbbe295ac29a26e1
SSDEEP

6144:yZbj2JIxTR0zaNuW1YfX0uR6RpkpQym5Dj+3P:yNj2JI5R7YfX0uikQym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03368199.exe

Files

03368199.exe
.exe windows x86

bb88efa3bf52d99b0f7a3f2b92d5d5f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
GetConsoleAliasExesLengthA
BuildCommDCBAndTimeoutsA
InterlockedIncrement
OpenJobObjectA
InterlockedDecrement
SetMailslotInfo
GetLogicalDriveStringsW
FreeEnvironmentStringsA
GetTickCount
EnumCalendarInfoExW
WaitNamedPipeW
EnumTimeFormatsW
GetDriveTypeA
GetVolumePathNameW
GetSystemDirectoryW
SetFileShortNameW
GetPrivateProfileStructW
GetCalendarInfoA
LeaveCriticalSection
GetFileAttributesA
GetExitCodeProcess
WriteConsoleW
SetSystemPowerState
WritePrivateProfileSectionW
CompareStringW
CreateMutexW
EnumSystemLocalesA
GetPrivateProfileIntW
GetCurrentDirectoryW
GetProcAddress
AttachConsole
MoveFileW
SetComputerNameA
SearchPathA
LoadLibraryA
OpenThread
InterlockedExchangeAdd
OpenWaitableTimerW
LocalAlloc
SetCalendarInfoW
MoveFileA
FindFirstVolumeMountPointW
AddAtomW
SetFileApisToANSI
GetDiskFreeSpaceA
GetModuleHandleA
CancelTimerQueueTimer
FreeEnvironmentStringsW
FindNextFileW
GetStringTypeW
EnumDateFormatsW
SetThreadAffinityMask
DeleteFileW
GetCurrentProcessId
SetProcessAffinityMask
GetShortPathNameA
GetVolumeNameForVolumeMountPointA
CloseHandle
SetStdHandle
GetLastError
WideCharToMultiByte
HeapFree
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapAlloc
IsProcessorFeaturePresent
HeapCreate
EnterCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
Sleep
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
LoadLibraryW
HeapReAlloc
FlushFileBuffers
CreateFileW

gdi32

GetCharABCWidthsW
SelectObject

shell32

DuplicateIcon

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb88efa3bf52d99b0f7a3f2b92d5d5f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shell32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 159KB - Virtual size: 622KB

.rsrc Size: 82KB - Virtual size: 82KB

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 159KB - Virtual size: 622KB

.rsrc
Size: 82KB - Virtual size: 82KB