PDB path: D:\app\jenkins\jobs\Rosemary release\workspace\default\build\windows\Release\SGBase.pdb
Static task
static1
Behavioral task
behavioral1
Sample
32b8ed7409cb01515834d962d66f9a10N.dll
Resource
win7-20240704-en
General
-
Target
32b8ed7409cb01515834d962d66f9a10N.exe
-
Size
322KB
-
MD5
32b8ed7409cb01515834d962d66f9a10
-
SHA1
70cbb3db25a035e87a7c2977fced7cda177abbd4
-
SHA256
64e4726d4bb18aa94fd6f10dc481acb9c90ff98276fd2e65752cafa3490580e5
-
SHA512
634e8c772e5d8cb8871b9b3f252bf7d36e67996609d8ee5e193516be84d0bec911b008f31a2ee983e00e269ae6fae4d2c99c40f9ee9f412d9df6c59ae8a61ad2
-
SSDEEP
6144:lpFptE4qgmO20pqB7zwZttwPSq+kU22BAOqriMaBV+UdvrEFp7hKTBSZD:lzptE4qgmO20gpzwPtwPSqs/BEriMaBi
Malware Config
Signatures
-
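Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this file has none. On its own this is a weak indicator: it means the publisher and integrity of the binary cannot be verified from a signature, not that the file is malicious.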
resource 32b8ed7409cb01515834d962d66f9a10N.exe
Files
-
32b8ed7409cb01515834d962d66f9a10N.exe.dll windows:5 windows x86 arch:x86
adefdfe752ad46275bd283200787cfaf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetProcAddress
GetLastError
GetModuleHandleA
UnmapViewOfFile
MapViewOfFileEx
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateFileMappingA
CloseHandle
OpenFileMappingA
MultiByteToWideChar
GetCurrentDirectoryA
WideCharToMultiByte
Sleep
GetCurrentThread
GetCurrentProcessId
SuspendThread
SetEvent
CreateEventA
CreateMutexA
ReleaseMutex
SetErrorMode
FreeLibrary
FormatMessageA
LoadLibraryExA
MapViewOfFile
HeapSize
SetEnvironmentVariableA
GetStringTypeW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
CompareStringW
LoadLibraryW
IsProcessorFeaturePresent
WriteConsoleW
GetCurrentDirectoryW
GetFullPathNameW
RtlUnwind
FlushFileBuffers
GetProcessHeap
SetEndOfFile
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetFileType
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateDirectoryW
FindClose
GetDriveTypeW
FindFirstFileExW
ReadFile
GetFileAttributesW
DeleteFileA
WriteFile
GetConsoleCP
GetConsoleMode
HeapReAlloc
DecodePointer
EncodePointer
SetConsoleCtrlHandler
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
ExitThread
ResumeThread
CreateThread
FindNextFileW
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
LCMapStringW
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
SetFilePointer
RaiseException
ws2_32
inet_ntoa
recvfrom
ntohl
getaddrinfo
ntohs
sendto
recv
socket
freeaddrinfo
closesocket
send
listen
accept
ioctlsocket
connect
inet_addr
htonl
select
htons
setsockopt
bind
__WSAFDIsSet
getsockopt
WSAStartup
WSAGetLastError
WSACleanup
Exports
Exports
SGBase64_Decode
SGBase64_Encode
SGBase64_Free
SGBaseError_GetLastCode
SGBaseError_SetLast
SGBaseWrapper_GetList
SGBase_SetInstance
SGBinaryList_Add
SGBinaryList_Copy
SGBinaryList_Free
SGBinaryList_New
SGBinaryList_Reset
SGBinaryTupleList_Add
SGBinaryTupleList_Find
SGBinaryTupleList_FindAsString
SGBinaryTupleList_Free
SGBinaryTupleList_New
SGBinaryTupleList_Reset
SGBinary_Add
SGBinary_AddString
SGBinary_Cleanse
SGBinary_Cmp
SGBinary_Copy
SGBinary_Duplicate
SGBinary_Free
SGBinary_Init
SGBinary_New
SGBinary_Reset
SGBinary_Reverse
SGBinary_Set
SGBinary_SetString
SGBinary_ToString
SGCodecBinToString
SGCodecConvertCodeSet
SGCodecDecodeURL
SGCodecEncodeURL
SGCodecEscapeString
SGCodecGetBuildInfo
SGCodecGetVersion
SGCodecStringToBin
SGCodecUnescapeString
SGConfig_GetBuildInfo
SGConfig_GetVersion
SGConfig_IniparserFindEntry
SGConfig_IniparserFree
SGConfig_IniparserGetBoolean
SGConfig_IniparserGetDouble
SGConfig_IniparserGetInt
SGConfig_IniparserGetNSec
SGConfig_IniparserGetSecName
SGConfig_IniparserGetString
SGConfig_IniparserNew
SGConfig_IniparserNew_Unicode
SGConfig_IniparserNew_from_Buffer
SGConfig_IniparserUnset
SGConfig_JsonDelete
SGConfig_JsonGetObjectItem
SGFile_Read
SGFile_ReadBinary
SGFile_Write
SGFile_WriteBinary
SGHashMap_Foreach
SGHashMap_Foreach_Remove
SGHashMap_Foreach_Steal
SGHashMap_Free
SGHashMap_Insert
SGHashMap_Int_Equal
SGHashMap_Int_Hash
SGHashMap_Lookup
SGHashMap_LookupEx
SGHashMap_New
SGHashMap_NewEx
SGHashMap_Remove
SGHashMap_Replace
SGHashMap_Size
SGHashMap_Steal
SGHashMap_Str_Equal
SGHashMap_Str_Hash
SGHashMap_TotalSize
SGHex_Decode
SGHex_Encode
SGIPC_Finalize
SGIPC_GetLastErrorReason
SGIPC_GetSysErrorReason
SGIPC_Initialize
SGLog_Finalize
SGLog_GetBuildInfo
SGLog_GetVersion
SGLog_Initialize
SGLog_Write
SGMemoryMap_Get
SGMemoryMap_Lock
SGMemoryMap_Move
SGMemoryMap_Read
SGMemoryMap_Release
SGMemoryMap_UnLock
SGMemoryMap_Write
SGMemory_calloc
SGMemory_cleanse
SGMemory_free
SGMemory_malloc
SGMemory_realloc
SGOS_GetDateStr
SGOS_GetDateTimeStr
SGOS_GetTimeStr
SGOS_abs
SGOS_access
SGOS_asctime
SGOS_atof
SGOS_atoi
SGOS_atol
SGOS_atoll
SGOS_atoq
SGOS_calloc
SGOS_close
SGOS_closedir
SGOS_create
SGOS_ctime
SGOS_dlclose
SGOS_dlerror
SGOS_dlopen
SGOS_dlsym
SGOS_exit
SGOS_fclose
SGOS_fcntl
SGOS_fflush
SGOS_fgets
SGOS_fgetws
SGOS_fileno
SGOS_fopen
SGOS_fprintf
SGOS_fread
SGOS_free
SGOS_fseek
SGOS_fstat
SGOS_ftell
SGOS_fwrite
SGOS_getcwd
SGOS_getenv
SGOS_gmtime
SGOS_htonl
SGOS_htons
SGOS_index
SGOS_isalnum
SGOS_isalpha
SGOS_isascii
SGOS_isblank
SGOS_iscntrl
SGOS_isdigit
SGOS_isgraph
SGOS_islower
SGOS_isprint
SGOS_ispunct
SGOS_isspace
SGOS_isupper
SGOS_isxdigit
SGOS_kill
SGOS_killpg
SGOS_labs
SGOS_llabs
SGOS_localtime
SGOS_malloc
SGOS_mbstowcs
SGOS_memccpy
SGOS_memcmp
SGOS_memcpy
SGOS_memmove
SGOS_memset
SGOS_mkdir
SGOS_mkfifo
SGOS_mktime
SGOS_ntohl
SGOS_ntohs
SGOS_open
SGOS_opendir
SGOS_printf
SGOS_read
SGOS_readdir_r
SGOS_readline
SGOS_realloc
SGOS_remove
SGOS_rewind
SGOS_rindex
SGOS_signal
SGOS_sleep
SGOS_snprintf
SGOS_sprintf
SGOS_stat
SGOS_strchr
SGOS_strcmp
SGOS_strcoll
SGOS_strcrop
SGOS_strcspn
SGOS_strdup
SGOS_strerror
SGOS_strlen
SGOS_strlwc
SGOS_strncasecmp
SGOS_strncat
SGOS_strncmp
SGOS_strncpy
SGOS_strpbrk
SGOS_strrchr
SGOS_strsep
SGOS_strskp
SGOS_strspn
SGOS_strstr
SGOS_strstrip
SGOS_strtod
SGOS_strtof
SGOS_strtok
SGOS_strtol
SGOS_strtold
SGOS_strtoll
SGOS_strtoul
SGOS_strtoull
SGOS_strupc
SGOS_strxfrm
SGOS_time
SGOS_tolower
SGOS_toupper
SGOS_unlink
SGOS_vsprintf
SGOS_wcslen
SGOS_wcsncat
SGOS_wcsncmp
SGOS_wcsncpy
SGOS_wcstombs
SGOS_write
SGSemaphore_Control
SGSemaphore_Get
SGSemaphore_Lock
SGSemaphore_UnLock
SGSharedMemory_Control
SGSharedMemory_Get
SGSharedMemory_GetSafely
SGSharedMemory_MoveSafely
SGSharedMemory_ReadSafely
SGSharedMemory_Release
SGSharedMemory_ReleaseSafely
SGSharedMemory_WriteSafely
SGSocket_Accept
SGSocket_Client
SGSocket_ClientNB
SGSocket_Close
SGSocket_MultiReceiver
SGSocket_MultiRecv
SGSocket_MultiSend
SGSocket_Recv
SGSocket_RecvAll
SGSocket_RecvBinary
SGSocket_RecvLine
SGSocket_Send
SGSocket_SendAll
SGSocket_SendBinary
SGSocket_Server
SGSocket_htonl
SGSocket_htons
SGSocket_ntohl
SGSocket_ntohs
SGSysInfoGetIPMacWithNetInterface
SGThread_AttrDestroy
SGThread_AttrGetdetachstate
SGThread_AttrGetinheritsched
SGThread_AttrGetschedparam
SGThread_AttrGetschedpolicy
SGThread_AttrGetscope
SGThread_AttrGetstacksize
SGThread_AttrInit
SGThread_AttrLength
SGThread_AttrSetdetachstate
SGThread_AttrSetinheritsched
SGThread_AttrSetschedparam
SGThread_AttrSetschedpolicy
SGThread_AttrSetscope
SGThread_AttrSetstacksize
SGThread_CondAttrDestory
SGThread_CondAttrInit
SGThread_CondAttrLength
SGThread_CondBroadcast
SGThread_CondDestroy
SGThread_CondInit
SGThread_CondLength
SGThread_CondSignal
SGThread_CondTimedwait
SGThread_CondWait
SGThread_Create
SGThread_Detach
SGThread_Fork
SGThread_FreeTypes
SGThread_Getpid
SGThread_Getppid
SGThread_Join
SGThread_MutexAttrDestroy
SGThread_MutexAttrGettype
SGThread_MutexAttrInit
SGThread_MutexAttrLength
SGThread_MutexAttrSetpshared
SGThread_MutexAttrSettype
SGThread_MutexDestroy
SGThread_MutexInit
SGThread_MutexLength
SGThread_MutexLock
SGThread_MutexUnlock
SGThread_Pause
SGThread_Self
SGThread_Setsid
SGThread_Wait
SGThread_Waitpid
SGVector_Copy
SGVector_Free
SGVector_Get
SGVector_Get_all
SGVector_Grow
SGVector_Insert
SGVector_Insert_at
SGVector_Length
SGVector_New
SGVector_Pop
SGVector_Push
SGVector_Remove
SGVector_Shift
SGVector_Size
SGVector_Transpose
SGVector_Unshift
SG_LOG_DEBUG_Get_Stream
SG_LOG_DEBUG_Initialize
SGstorage_JsonNew
_SGLog_Finalize
_SGLog_Initialize
_SGLog_Write
_SGLog_WriteVaList
Sections
.text Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ