Static task: static1
Behavioral task: behavioral1
Sample: exe.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: exe.exe
Resource: win10v2004-20240709-en
General
Target: exe.exe
Size: 6.2MB
MD5: 2f86244d49be74bdec514be66ab5e1f8
SHA1: 9722df3b8b3dd2a2414aec166f2e684cdfe42f43
SHA256: 8aca85927b5668df3c40302b1e3e13f6af38937d9565823bc05888192238b67c
SHA512: 864f50175c124679e5d03f5ca2a44f222c726777647bb158b0e9c126530d4df92f008f123efab26743e1e243c1b5427b26ad7fdaa3a04ed7c8f5f113dbc9be67
SSDEEP: 98304:AfJfhTH4d5sFxWiYL2hg3uFLOAkGkzdnEVomFHKnPB:MphTCcxSLkFLOyomFHKnPB
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: exe.exe
Files
exe.exe.exe windows:6 windows x86 arch:x86
36a3876372a024c8768506882303af01
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringEx
GetStringTypeW
RtlUnwind
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess
QueryPerformanceFrequency
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
WriteConsoleW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
VirtualQuery
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
OutputDebugStringW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetWindowsDirectoryA
FindResourceExW
GetACP
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetTempPathA
GetStringTypeExA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
FlushFileBuffers
DeleteFileA
Sleep
SearchPathA
GetCPInfo
GetOEMCP
LocalReAlloc
LocalAlloc
GlobalHandle
SleepConditionVariableSRW
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
VirtualProtect
GetProfileIntA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetThreadLocale
FileTimeToSystemTime
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFullPathNameA
GetFileTime
GetDiskFreeSpaceA
WaitForSingleObject
FormatMessageA
LocalFree
GetTickCount64
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
lstrcmpA
GetAtomNameA
VerifyVersionInfoA
VerSetConditionMask
MulDiv
GetCurrentDirectoryA
GlobalFree
GlobalSize
GlobalReAlloc
GlobalAlloc
CloseHandle
GetFileAttributesA
lstrcpyA
CompareStringA
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GlobalGetAtomNameA
GlobalAddAtomA
GlobalLock
GlobalUnlock
GetCurrentProcessId
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
ResumeThread
MultiByteToWideChar
SetThreadPriority
InitializeCriticalSectionAndSpinCount
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CopyFileA
lstrcatA
lstrlenA
GetModuleFileNameA
VirtualAlloc
ReadFile
GetFileSize
CreateFileA
CreateEventA
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryA
GetProcAddress
GetLastError
SetLastError
TlsFree
user32
SetRect
CopyImage
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIconEx
SetMenuDefaultItem
GetMenuDefaultItem
GetCursorPos
MessageBeep
GetAsyncKeyState
CharUpperA
TrackMouseEvent
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMonitorInfoA
MonitorFromWindow
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
MessageBoxA
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
GetClassInfoExA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
ReuseDDElParam
UnpackDDElParam
WinHelpA
DestroyIcon
GetWindowThreadProcessId
GetClassNameA
EqualRect
IntersectRect
SetCursor
DestroyMenu
SetMenu
LoadMenuA
LoadAcceleratorsA
IsWindowEnabled
ReleaseCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
ShowWindow
GetClassInfoA
TabbedTextOutA
TranslateMDISysAccel
DefMDIChildProcA
UnionRect
SetWindowLongA
AdjustWindowRectEx
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
TranslateAcceleratorA
SetWindowPos
IsMenu
CreateWindowExA
NotifyWinEvent
MapDialogRect
DrawStateA
LoadIconA
LoadCursorW
LoadCursorA
GetWindow
GetLastActivePopup
GetTopWindow
SetParent
GetDesktopWindow
GetWindowLongA
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetRectEmpty
InflateRect
GetSysColor
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
GetKeyNameTextA
MapVirtualKeyA
DrawEdge
DrawFrameControl
LoadMenuW
GetMenuStringA
GetMenuState
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
InsertMenuA
AppendMenuA
ModifyMenuA
RemoveMenu
KillTimer
DeleteMenu
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
DrawIcon
DrawTextA
DrawTextExA
DefFrameProcA
PostQuitMessage
PeekMessageA
EnableWindow
IsChild
GetFocus
LoadImageA
GetSystemMetrics
RegisterWindowMessageA
IsWindow
DestroyWindow
CopyRect
OffsetRect
IsRectEmpty
GetClassLongA
GetParent
SendMessageA
PostMessageA
PostThreadMessageA
ShowOwnedPopups
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetActiveWindow
GetCapture
SetCapture
SetTimer
GetSysColorBrush
DrawFocusRect
FillRect
FrameRect
GrayStringA
InvertRect
RegisterClipboardFormatA
SetClassLongA
DestroyAcceleratorTable
SystemParametersInfoA
GetMessageA
UpdateLayeredWindow
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
WaitMessage
LoadAcceleratorsW
CreateDialogIndirectParamA
EndDialog
TranslateMessage
GetIconInfo
CharUpperBuffA
SetCursorPos
DestroyCursor
RealChildWindowFromPoint
GetClipboardFormatNameA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
CopyAcceleratorTableA
CopyIcon
SubtractRect
IsClipboardFormatAvailable
GetDoubleClickTime
EnumChildWindows
CharNextA
GetTabbedTextExtentW
MapVirtualKeyExA
IsCharLowerA
LoadIconW
GetComboBoxInfo
gdi32
GetPixel
PatBlt
RealizePalette
SelectPalette
SetPixel
StretchBlt
SetDIBColorTable
CombineRgn
CreateDCA
CreateEllipticRgn
CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetROP2
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthA
GetCurrentPositionEx
GetDeviceCaps
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPolyFillMode
GetRgnBox
GetStretchBltMode
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PtInRegion
PtVisible
RectVisible
Rectangle
RoundRect
CreateCompatibleBitmap
SetPaletteEntries
SetPixelV
SetRectRgn
GetTextMetricsA
StartDocA
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CopyMetaFileA
EnumFontFamiliesExA
GetDIBits
CreateBitmap
BitBlt
SetTextColor
SetBkColor
ExtTextOutA
GetObjectA
CreateFontIndirectA
CreateDIBSection
SelectObject
CreateCompatibleDC
DeleteObject
GetStockObject
GetTextExtentPointA
GetSystemPaletteEntries
GetTextExtentPoint32W
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegCloseKey
shell32
DragQueryFileA
DragFinish
SHAppBarMessage
ShellExecuteA
SHGetFileInfoA
ExtractIconA
SHGetMalloc
SHAddToRecentDocs
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
GetThemeSysColor
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetWindowTheme
ole32
RegisterDragDrop
RevokeDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
CoInitializeEx
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoDisconnectObject
OleLockRunning
StringFromGUID2
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
CoGetClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
OleCreateMenuDescriptor
oleaut32
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysStringLen
SysFreeString
VariantInit
SysAllocString
SysAllocStringLen
VariantClear
oledlg
ord8
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
ws2_32
WSASetLastError
WSACleanup
WSAStartup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 550KB - Virtual size: 550KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 223KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ