36970cf46d4f687290507f58e1c9ba31

Sharing

Copy URL Twitter E-mail

General

Target

36970cf46d4f687290507f58e1c9ba31
Size

129KB
MD5

36970cf46d4f687290507f58e1c9ba31
SHA1

f456e3adc22993b85b04e63f15e0e4a92a684ced
SHA256

d00c313f7720301bbd5fc9ed3905351a2af7aeea47abac1d20b1d93a0aab92be
SHA512

fa4877e75a658cb020587eb9f63999b53f05cd3b43f16e1b612686da899badc0ba1bdd18d09e2ac0825e011d990e4da7b89d1081e9f114438311966fbef64bdd
SSDEEP

3072:VsHR5YVg8K73Ki+c5wIsuGKEK6S5XH4k/nCC04sZKZ9D70R/K8wrGw:V+84h+cGIsLK6i4UCC8KTD70RM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36970cf46d4f687290507f58e1c9ba31

Files

36970cf46d4f687290507f58e1c9ba31
.exe windows:5 windows x86 arch:x86

d550e321c9dd55f1dae7e1e68e48e0a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateILockBytesOnHGlobal
OleUninitialize
OleCreate
CreateGenericComposite

kernel32

GetProcAddress
CreateSemaphoreW
EnumResourceTypesW
DisconnectNamedPipe
FreeConsole
GetWindowsDirectoryW
GetExitCodeThread
WaitForMultipleObjects
GetProcessTimes
WriteConsoleInputA
GetProcessPriorityBoost
WriteConsoleOutputW
MoveFileW
UnhandledExceptionFilter
PeekConsoleInputA
FillConsoleOutputCharacterW
GetCPInfoExW
GetLocaleInfoW
FreeResource
EnumDateFormatsExW
IsBadHugeWritePtr
GetNamedPipeHandleStateA
GetProcessAffinityMask
SetMailslotInfo
GetWriteWatch
GetProfileSectionA
LoadModule
GetModuleHandleA
LocalFree
VirtualQueryEx
LocalFileTimeToFileTime
SetLastError
LoadResource
SetSystemPowerState
FreeLibrary
lstrcmpiW
GetComputerNameA
GetConsoleMode
UnlockFile
FindClose
GetSystemDefaultLCID
GetConsoleScreenBufferInfo
GetProcessHeaps
GetLogicalDriveStringsA
GetDateFormatW
IsValidCodePage
CreateFileMappingA
FindFirstFileA
EnumSystemCodePagesA
FreeEnvironmentStringsW
SetConsoleActiveScreenBuffer
Heap32ListNext
SetCalendarInfoA
PeekNamedPipe
GetCPInfo
RtlFillMemory
GetSystemTimeAdjustment
SetThreadIdealProcessor
FillConsoleOutputCharacterA
CopyFileExW
CreateDirectoryExW
ConvertDefaultLocale
PostQueuedCompletionStatus
VerLanguageNameW
RaiseException
EnumResourceLanguagesA
FlushFileBuffers
GetModuleHandleW
LocalFlags
GlobalGetAtomNameW
GetDiskFreeSpaceW
FindAtomA
OpenSemaphoreW
CancelDeviceWakeupRequest
GetDriveTypeA
FillConsoleOutputAttribute
VerLanguageNameA
SetErrorMode
LCMapStringW
lstrcmpW
UnmapViewOfFile
FlushConsoleInputBuffer
LCMapStringA
SetWaitableTimer
LockFileEx
ReadConsoleInputA
GetWindowsDirectoryA
GetThreadContext
GetThreadPriority
SetUnhandledExceptionFilter
GetUserDefaultLCID
LoadLibraryA
ReadConsoleOutputA
HeapUnlock
SetConsoleCursorPosition
WaitForSingleObject
EnumCalendarInfoExW
OpenFileMappingA
RemoveDirectoryA
OpenFile
UpdateResourceA
HeapDestroy
SetVolumeLabelA
HeapLock
DosDateTimeToFileTime
SetVolumeLabelW
FindResourceW
GetShortPathNameW
GetPrivateProfileStringA
EnumResourceLanguagesW
QueryPerformanceFrequency
lstrcpyn
FindNextChangeNotification
OpenMutexW
SetProcessShutdownParameters
ReadConsoleOutputAttribute
CloseHandle
GetFullPathNameW
CreateToolhelp32Snapshot
GetFileInformationByHandle
IsBadCodePtr
ExpandEnvironmentStringsW
WritePrivateProfileSectionA
GlobalCompact
SetHandleCount
CancelIo
lstrcmpi
CreateDirectoryA
GetModuleFileNameA
VirtualAlloc
VirtualProtect
GetProfileIntA
VirtualFree

user32

GetClassWord
InternalGetWindowText
GetSysColor
CallWindowProcW
LoadKeyboardLayoutA
CallMsgFilterA
DispatchMessageA
DrawCaption
InSendMessageEx
TabbedTextOutA
GetUserObjectInformationW
SetProcessWindowStation
WINNLSGetIMEHotkey
ShowWindowAsync
ChangeDisplaySettingsExW
GetWindowTextW
IsChild
SendMessageTimeoutA
RegisterClassW
LoadCursorFromFileW
ChangeDisplaySettingsA
ChildWindowFromPoint
RegisterClassExW
DdeUninitialize
SetUserObjectInformationA
BlockInput
MonitorFromWindow
GetInputState
GetQueueStatus
DefMDIChildProcA
RegisterDeviceNotificationA
CallMsgFilter
DdeAddData
DdeKeepStringHandle
ValidateRgn
SetMenuDefaultItem
ShowWindow
GetAsyncKeyState
GetWindowModuleFileNameA
SetParent
GetWindowRgn
SetRectEmpty
MessageBeep
LoadStringA
GetMenuItemID
GetMessageExtraInfo
SetCaretBlinkTime
CloseWindowStation
ShowOwnedPopups
WinHelpA
GetClipboardSequenceNumber
IsClipboardFormatAvailable
GetCaretPos
SetDoubleClickTime
GetPropW
GetMessageA
SetDlgItemInt
GetWindowThreadProcessId
OemKeyScan
GetScrollPos
GetKeyboardType
SetWindowTextA
TranslateMessage
DdeInitializeW
DestroyIcon
PostMessageW
RegisterClipboardFormatW
DlgDirSelectExW
GetKeyboardState
SendNotifyMessageW
DeferWindowPos
GetUserObjectInformationA
DefMDIChildProcW
IsCharAlphaNumericW
BroadcastSystemMessageA
GetDesktopWindow
GetWindowLongW
SendMessageCallbackW
CascadeChildWindows
DialogBoxParamA
DialogBoxParamW
CopyAcceleratorTableA
WINNLSGetEnableStatus
SendMessageCallbackA
LoadStringW
LoadCursorFromFileA
SendNotifyMessageA
DlgDirListW
DdeCmpStringHandles
CloseWindow
SystemParametersInfoW
GetScrollRange
ChangeDisplaySettingsW
CreatePopupMenu
SetMessageQueue
GetProcessDefaultLayout
SetForegroundWindow
EndPaint
GetShellWindow
CreateAcceleratorTableA
LockWindowUpdate
SendDlgItemMessageA
LoadImageW
EnableScrollBar
GetCursor
IsWindowEnabled
MessageBoxW
PeekMessageA
EndDeferWindowPos
DdeClientTransaction
ImpersonateDdeClientWindow
EnableMenuItem
GetKeyNameTextW
SetTimer
GetMenu
VkKeyScanExW
MessageBoxA
GetPriorityClipboardFormat
SetCaretPos
GetClassLongW
GetClassNameA
UnregisterHotKey
SetCursorPos
CreateMDIWindowA
MapVirtualKeyA
VkKeyScanA
GetClassInfoA
SetLastErrorEx
DispatchMessageW
ModifyMenuW
ChangeMenuA
DdeCreateDataHandle
MsgWaitForMultipleObjectsEx
GetKeyNameTextA
DefWindowProcW
RemoveMenu
LoadKeyboardLayoutW
GetUpdateRgn
EnumPropsExW
SwapMouseButton
FindWindowA
GetDCEx
SetClassLongA
CopyIcon
IsDialogMessageA
ShowCaret
GetUpdateRect
GetComboBoxInfo
GetKBCodePage
DrawIcon
MapVirtualKeyExW
SetScrollInfo
GetMenuStringW
UnregisterClassA
ScrollWindowEx
GetCursorPos
GetMenuCheckMarkDimensions
GetDlgItemTextA
GetLastActivePopup
SetPropA
RemovePropW
CharToOemA
InsertMenuItemA
LookupIconIdFromDirectory
CascadeWindows
FindWindowW
IsCharAlphaA
DdeImpersonateClient
EnableWindow
GetMenuItemInfoW
IsWindow
GetSystemMetrics
SetWindowRgn
CharLowerA
OemToCharBuffW
ShowScrollBar
SendInput
OpenClipboard
GetWindowInfo
InflateRect
MenuItemFromPoint
FreeDDElParam
GetWindowModuleFileNameW
GetClipboardFormatNameW
EnumDisplaySettingsW
GetForegroundWindow
ReleaseDC
UnpackDDElParam
DragDetect
DialogBoxIndirectParamA
DrawTextExA
KillTimer
CreateWindowStationW
LoadIconA
EnumDesktopsA
GetCaretBlinkTime
SetMenu
GetClassLongA
CharPrevExA
IsRectEmpty
SetCursor
CallMsgFilterW
DdeQueryStringW
BroadcastSystemMessage
RegisterWindowMessageW

shlwapi

PathCommonPrefixA
SHEnumKeyExA
SHDeleteKeyA
StrStrA
PathRemoveArgsW

advapi32

CryptDeriveKey
SetSecurityDescriptorSacl
OpenServiceA
RegEnumKeyA
RegQueryValueExW
ObjectCloseAuditAlarmA
CryptAcquireContextA

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d550e321c9dd55f1dae7e1e68e48e0a7

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

user32

shlwapi

advapi32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB