36eb1ea3a78d98ec4e4f22555b178458

General

Target

36eb1ea3a78d98ec4e4f22555b178458
Size

453KB
MD5

36eb1ea3a78d98ec4e4f22555b178458
SHA1

052d5e897306e012711237ff194114353ed5253c
SHA256

b957897e09dba4c40bfb22be43c5b7c04b6c43de33ef05ae3ddac737bb98c106
SHA512

1dbee38e2d72cafd8330042b011d950ebef0763e97a75cd0c19672c69609a46585055d47fee3cfdeab5b10699cf8f791034cb9a76278ad0e0a060716c42de488
SSDEEP

12288:YE40lJtEQralmZovucARzOprB6SnyY8eypP74pT:6vtBB6SJ8e6GT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36eb1ea3a78d98ec4e4f22555b178458

Files

36eb1ea3a78d98ec4e4f22555b178458
.exe windows:4 windows x86 arch:x86

6ae6cd77cbb4f85ba9d1ae707ea4cc38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW

user32

DrawTextExA
CopyImage
OffsetRect
DrawIconEx
DispatchMessageW
OpenDesktopA
InsertMenuW

shell32

ShellAboutW
ExtractAssociatedIconExW
FindExecutableW
ExtractIconExW
DoEnvironmentSubstA
SHLoadInProc
SheChangeDirExW
ExtractIconW
FreeIconList
DuplicateIcon
SHGetSpecialFolderLocation
DragQueryFileAorW
SHUpdateRecycleBinIcon
InternalExtractIconListW
SheChangeDirA
SHGetSettings

advapi32

ReportEventW
CryptExportKey
RegEnumKeyW
RegSaveKeyW
CryptSignHashW
CryptSetHashParam
RegEnumValueW
LookupSecurityDescriptorPartsW
RegNotifyChangeKeyValue
CryptSetProviderExW
RevertToSelf
RegOpenKeyExW
CryptGenKey
RegFlushKey
RegEnumKeyExW
RegOpenKeyExA
RegSetKeySecurity

kernel32

GetCurrentThreadId
QueryPerformanceCounter
GetModuleFileNameA
VirtualQuery
SetVolumeLabelW
EnumDateFormatsExW
GetDateFormatW
LoadLibraryA
UnmapViewOfFile
GetModuleHandleA
GetSystemTimeAsFileTime
ExitProcess
GetExitCodeProcess
GetProcAddress
HeapReAlloc
EnumCalendarInfoW
VirtualAlloc
GetConsoleCursorInfo
HeapAlloc
GetCurrentProcessId
GetCurrentProcess
HeapFree
GetTickCount
InterlockedExchange
OutputDebugStringA
GetSystemTime
GetPrivateProfileSectionA
RtlUnwind
GetConsoleOutputCP
CreateMutexW
EnterCriticalSection
lstrcatA
TerminateProcess

wininet

FtpOpenFileA
FtpCommandW
RegisterUrlCacheNotification
SetUrlCacheConfigInfoW
InternetSetDialStateW

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ae6cd77cbb4f85ba9d1ae707ea4cc38

Headers

File Characteristics

Imports

comdlg32

user32

shell32

advapi32

kernel32

wininet

Sections

.text Size: 169KB - Virtual size: 168KB

.data Size: 267KB - Virtual size: 266KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 169KB - Virtual size: 168KB

.data
Size: 267KB - Virtual size: 266KB

.rsrc
Size: 16KB - Virtual size: 16KB