36f2527058d6d52571985fca36c4fe68

Sharing

Copy URL

Twitter E-mail

General

Target

36f2527058d6d52571985fca36c4fe68
Size

170KB
MD5

36f2527058d6d52571985fca36c4fe68
SHA1

28ff6c786b5e5e89b6e522822f75fefcff09ffa2
SHA256

26dde0541c8481c91f2c7f5e7c0bd632d617b8a68a61f8e3564dbe58eee64586
SHA512

3cd78d68fed6197ad9b999274f0f64b601cf276debf61e468bc1b4b103517ab1c4ba075b71d5c6fcce34a5f7bdd6d6ef0c58e979eafae12ad4ce762e87ea8192
SSDEEP

3072:JdBrVNemRG5Q6zsC2Yt0RHJamXJob0KuJ48Me42tQFMm7svYD+:/gmkFFQptaQt48Mz2tQFb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f2527058d6d52571985fca36c4fe68

Files

36f2527058d6d52571985fca36c4fe68
.exe windows:5 windows x86 arch:x86

09abd344f8257b4046743adb1d17a6c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
CreateWaitableTimerW
OpenFile
CreateMutexW
FileTimeToLocalFileTime
GetAtomNameA
TlsFree
GetSystemDirectoryW
FlushFileBuffers
GlobalFree
GetNumberFormatA
FindNextFileW
WaitForMultipleObjectsEx
QueryDosDeviceW
QueryPerformanceCounter
GetACP
GetFileSize
SetLocalTime
lstrcmpW
DeleteFileW
GetNumberFormatW
SetSystemTimeAdjustment
LoadLibraryExW
OpenSemaphoreW
CreateWaitableTimerA
MulDiv
GetOverlappedResult
GetShortPathNameA
GetCurrentThreadId
LoadLibraryExA
EnterCriticalSection
GetCurrentThread
GetSystemTime
GetThreadPriority
SetUnhandledExceptionFilter
LeaveCriticalSection
TryEnterCriticalSection
GetHandleInformation
lstrcpynA
SetCommState
GetBinaryTypeA
SizeofResource
SetCommMask
GetLocalTime
FileTimeToSystemTime
IsBadCodePtr
LoadLibraryW
GetCommandLineW
CreateMutexA
GlobalReAlloc
GlobalMemoryStatusEx
GetModuleFileNameW
FoldStringW
GlobalGetAtomNameA
lstrlenW
HeapCreate
FormatMessageW
GetTimeFormatW
GetStdHandle
GetTimeFormatA
LoadResource
HeapReAlloc
GetStartupInfoW
LockResource
LoadLibraryA
ReadFile
GetFullPathNameA
WaitForSingleObjectEx
MoveFileW
ResumeThread
GetBinaryTypeW
GetSystemDefaultLangID
RemoveDirectoryA
FindResourceExW
DeviceIoControl
ExitThread
MultiByteToWideChar
GetCommProperties
GetModuleHandleW
CompareStringW
GetProcAddress
GlobalGetAtomNameW
LocalFree
CreateSemaphoreA
GetThreadContext
VerSetConditionMask
UnmapViewOfFile
GlobalCompact
GlobalAddAtomA
EnumResourceNamesW
CreateRemoteThread
GetFileTime
CreateThread
IsDBCSLeadByte
GlobalFlags
EnumResourceTypesA
SystemTimeToFileTime
CreateNamedPipeW
FindNextFileA
UnlockFile
SetFilePointer
CallNamedPipeW
FindResourceW
IsBadReadPtr
LocalLock
HeapValidate
SetCurrentDirectoryA
GlobalAddAtomW
HeapLock
EnumSystemLocalesA
FindFirstFileW
CreateFileA
VirtualProtect
RaiseException
GetCPInfo
CreateFileMappingA
IsDBCSLeadByteEx
CompareStringA
lstrcatW
CreateEventW
CreateFileW
GetWindowsDirectoryW
HeapWalk

psapi

QueryWorkingSet

shlwapi

PathUnmakeSystemFolderA

advapi32

RegQueryValueExA
RegQueryValueExW
RegReplaceKeyA

Exports

Exports

_SwapMouseButtonSwapMouseButton@0

Sections

.text
Size: 135KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09abd344f8257b4046743adb1d17a6c3

Headers

File Characteristics

Imports

kernel32

psapi

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 143KB

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 135KB - Virtual size: 143KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB