c36be929f91bb988a5fbb53146881e67

Sharing

Copy URL

Twitter E-mail

General

Target

c36be929f91bb988a5fbb53146881e67
Size

175KB
MD5

c36be929f91bb988a5fbb53146881e67
SHA1

c0c14b91d4a45ee6e1c0d8dd3bc65a3fa951805f
SHA256

6c48207fbc3eb836d2308c0e6e9cd92c9751e3f99383f34bb69fb75a4b8693a6
SHA512

b6c29aa0554df888c47b72beb416924c5f4ee61ad488fcea8df84ead6752ff27b762e434d141adcf23057ac6d6ca09a32d881dc82113c064142f76b0aa792943
SSDEEP

3072:VOrNCMGiNcuRCQk0sPKKtRplgzVB2GcqPOxRClT0Blpl162kO8NS1b4vQfiifjwa:Kii+uRCQk0wev2qVUllR3Vp7fiicCJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c36be929f91bb988a5fbb53146881e67

Files

c36be929f91bb988a5fbb53146881e67
.exe windows:5 windows x86 arch:x86

c1199c72cad991d3bcd8ca4d82b09e16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateShellItem
SHGetSpecialFolderLocation
DragQueryFileW

msvcrt

wcstol
_cexit
_amsg_exit
__setusermatherr
__getmainargs
wcstoul
_wtof

user32

GetSystemMetrics
CallNextHookEx
BeginPaint
CreateWindowExW
SetRectEmpty
RegisterClassExW
PostMessageW
EndPaint
GetClipboardData
SetForegroundWindow
GetClassNameW
GetMenuItemInfoW
EndDialog
OpenClipboard
DrawEdge
GetDlgCtrlID
CharUpperW
RedrawWindow
GetMenuItemID
LoadAcceleratorsW
GetActiveWindow
MessageBoxW
CreateDialogParamW
IsMenu
DrawTextExW

gdi32

CreateCompatibleBitmap
CreateBitmap
GetObjectA
AddFontResourceW
GetTextExtentPoint32W
SetTextColor

ntdll

NtPowerInformation
NtOpenDirectoryObject
NtQuerySystemTime
NtCreateSection
NtOpenSemaphore
NtOpenEventPair
NtOpenMutant

kbdasrad

_LCosh
_Stold
_LSinh
_Nan
_LEps
_Dscale
_Cosh
_Getctype
_Dtest
_Getcvt

kernel32

SetLastError
VirtualProtect
SetUnhandledExceptionFilter
HeapDestroy
GetPriorityClass
GlobalAlloc
ReadDirectoryChangesW
ReleaseMutex
GetStartupInfoA
CreateMutexW
CloseHandle
LocalAlloc
GetCurrentThread
GetACP
GetCurrentProcessId
GetQueuedCompletionStatus
GetFullPathNameW
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchangeAdd
VirtualFree
WaitForSingleObject
LocalAlloc
CreateThread
FindFirstVolumeW
GlobalLock
SleepEx
GetVersionExA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1199c72cad991d3bcd8ca4d82b09e16

Headers

DLL Characteristics

File Characteristics

Imports

shell32

msvcrt

user32

gdi32

ntdll

kbdasrad

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 34KB - Virtual size: 33KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 34KB - Virtual size: 33KB

.rsrc
Size: 120KB - Virtual size: 120KB