36d8477fac5365dbc78f32e0949be1e2

Sharing

Copy URL Twitter E-mail

General

Target

36d8477fac5365dbc78f32e0949be1e2
Size

84KB
MD5

36d8477fac5365dbc78f32e0949be1e2
SHA1

9fe206e3a61486d4302a1d59808f84791c103d02
SHA256

58f1ad805832d7f70f9995029012b10aba6d5d9fd934f791d0afe2d320a5421c
SHA512

d0acf9c35b3a40d6bbbf146f2d74a24a0fac46651bd59af324d0f74aeef0883efb8714270b84f8b5ef568d20aad29db7b5874acbd6dc8fae5b356a623a9e6c86
SSDEEP

1536:KRIyT5NLZZWnLcfBzDxW/wmX/iyvByEAPq8fD+6heAZSjuuOP:K+q5N98LuBzDw/wmX6y8EACeD+5AZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36d8477fac5365dbc78f32e0949be1e2

Files

36d8477fac5365dbc78f32e0949be1e2
.exe windows:4 windows x86 arch:x86

beec3e862e7d6c54a1b59ffe8be20f48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColorBrush
EnableMenuItem
GetScrollPos
UnhookWindowsHookEx
SetWindowPos
PostQuitMessage
FrameRect
GetSubMenu
EqualRect
EnumWindows
GetMessageA
SetWindowTextA
GetSysColor

kernel32

InterlockedExchange
GetCurrentProcessId
RtlUnwind
QueryPerformanceCounter
GetSystemTime
ExitProcess
FileTimeToSystemTime
GetACP
GetOEMCP
GetFileAttributesA
VirtualAllocEx
GetThreadLocale
GetTempPathA
GetTickCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStartupInfoA

gdi32

GetMapMode
ExcludeClipRect
DPtoLP
SetViewportExtEx
CreateCompatibleBitmap
SelectClipPath
FillRgn
CopyEnhMetaFileA
CreateICW

ole32

CoInitializeSecurity
OleRun
CoRevokeClassObject
CoCreateInstance
CoInitialize
StgOpenStorage
DoDragDrop
StringFromGUID2
CoTaskMemRealloc

advapi32

CryptHashData
FreeSid
AdjustTokenPrivileges
RegCreateKeyExW
GetUserNameA
QueryServiceStatus
GetSecurityDescriptorDacl
CheckTokenMembership
RegCreateKeyA
RegQueryValueExW

msvcrt

__initenv
_mbscmp
strncpy
__setusermatherr
_flsbuf
fflush
signal
_fdopen
__getmainargs
raise
_lock
strcspn
fprintf
strlen
puts
_strdup
_CIpow
iswspace

comctl32

ImageList_Write
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_GetBkColor
ImageList_DragEnter
ImageList_DrawEx
ImageList_Destroy
ImageList_GetIconSize
InitCommonControls
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
CreatePropertySheetPageA

shell32

SHGetPathFromIDList
DragQueryFileA
DoEnvironmentSubstW
CommandLineToArgvW
DragQueryFileW
ExtractIconExW
ShellExecuteEx
ExtractIconW
ShellExecuteW
SHBrowseForFolderA
DragAcceptFiles

oleaut32

SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayCreate
SysReAllocStringLen
SafeArrayRedim
VariantCopy
SafeArrayPutElement

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

beec3e862e7d6c54a1b59ffe8be20f48

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 41KB - Virtual size: 40KB

.rsrc Size: 6KB - Virtual size: 76KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 6KB - Virtual size: 76KB