subnet[.]exe | Triage

General

Target

subnet.exe
Size

184KB
MD5

537945feb9048dae890ab3268805fc1c
SHA1

6fd772cb2a403feb4518e17dc92c89785a653ca1
SHA256

0b1f7302cf6d8bd21d43014189a6ffb04ab0c3e6559f20e5d151063e108326a1
SHA512

ff53f2cc6cd7fa9a95d56ea3cf20ee5669ed13ab57b2a9e8fe52900895c9eefaa02b9d1d92b8c076f7c55755eeade68d1be588ac237bb6b9ad54f08835d16f47
SSDEEP

3072:WNJD7zuSuxSCmzY1Th+vRHV/OaqrFm5WokBItfZTJzWQRjmlZKzJ0a1A:KF7zuSnVCThCRJHqgYARTJzWMjmlMtA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
subnet.exe

Files

subnet.exe
.exe windows x86

f9df32e9007ce6757e7927e8215c0b49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
RaiseException
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
GetACP
GetOEMCP
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualQuery
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
ReadFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9df32e9007ce6757e7927e8215c0b49

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 176B