36777fbd3be9e2exeexeexeex[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

36777fbd3be9e2exeexeexeex.exe
Size

822KB
MD5

36777fbd3be9e266a94ebbf0e81638b5
SHA1

587d659d1ba35112093dca1fabe18fdf7f05b12a
SHA256

b68eeb789f7aa1e67f3397580e3d031879b93b88909329c75e47275ed0925ef6
SHA512

17b520812f9d19434e94162ee72a028fb65fa2bf017edc8f2e2f551c3ffb79f78c516e18ba7af43f6f33bb6d6204dabae46818accce763cda374418e9a491773
SSDEEP

24576:tgkb7ldNKmpk6lUgHodmysqhubRPHbalYm0c:tgC7lfk6DHoUPbR/gYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36777fbd3be9e2exeexeexeex.exe

Files

36777fbd3be9e2exeexeexeex.exe
.exe windows x86

4bdf77a5ea88cc5aa0a119e22cf51334

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA

kernel32

WriteFile
GetCommandLineA
GlobalAlloc
GetSystemDirectoryA
CreateDirectoryA
GetLastError
RemoveDirectoryA
CreateMutexA
CloseHandle
LocalFree
DeleteFileA
ExitProcess
GetLocaleInfoA
WideCharToMultiByte
SetDllDirectoryA
TerminateProcess
FindClose
Sleep
FormatMessageW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
PeekNamedPipe
SetHandleInformation
GetExitCodeProcess
CreateProcessA
ReadFile
CreatePipe
MultiByteToWideChar
GetNativeSystemInfo
GetCurrentProcess
GetVersionExW
GetModuleFileNameA
GetTempPathA
GetTickCount
FreeLibrary
LoadLibraryW
GetProcAddress
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
lstrcmpA
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapSetInformation
GetStartupInfoW
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
GetFileType
GetConsoleCP
GetConsoleMode
GetCPInfo
RaiseException
CreateFileA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
FlushFileBuffers
GetFullPathNameA
GetFileInformationByHandle
GetCurrentDirectoryW
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
SetEndOfFile
GetProcessHeap
WriteConsoleW
GetLocaleInfoW
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
GetDriveTypeW
GetTimeZoneInformation
CreateFileW
CompareStringW
SetEnvironmentVariableA
EncodePointer
GetModuleHandleExA
RtlUnwind

user32

DispatchMessageW
IsWindowUnicode
PeekMessageA
TranslateMessage
GetMessageW
GetMessageA
MsgWaitForMultipleObjectsEx
DispatchMessageA

advapi32

RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bdf77a5ea88cc5aa0a119e22cf51334

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

advapi32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 580KB - Virtual size: 584KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 580KB - Virtual size: 584KB