Static task: static1
Behavioral task: behavioral1
  Sample: 36b9ed3cf603b61a3544353fe7ac3370N.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 36b9ed3cf603b61a3544353fe7ac3370N.exe
  Resource: win10v2004-20240802-en
General
Target: 36b9ed3cf603b61a3544353fe7ac3370N.exe
Size: 995KB
MD5: 36b9ed3cf603b61a3544353fe7ac3370
SHA1: e1288926f0d522ec9613cb787ccd2d9f4df81a23
SHA256: 904d1a2d1d96b60166b0c0a81c132cb0e784c42f0518e778f95e6a9324948886
SHA512: 5d683a0f4e5c9369c01fed6ac74e06a9967c7f7d8773ab7d59085541959698a370a1e295a28b4dc52a866403faafd4035231b6a7f9ef0fd0acc0cefeb575b458
SSDEEP: 12288:KR4rOLfsQ/gzHMHIrPiW1isHEhpbOQSPjfSGIeJzOtnt++c5FBuI+WtjPttAM4C:4UgfsiHIbiW1iGXjJID5tSQI+WRttuC
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 36b9ed3cf603b61a3544353fe7ac3370N.exe
Files
36b9ed3cf603b61a3544353fe7ac3370N.exe.exe  windows:5 windows x86 arch:x86  d02bab06a799fd63d1813556b43d5207
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
inet_addr
gethostbyname
gethostname
WSACleanup
WSAStartup
winmm
joyGetPosEx
mciSendStringW
waveOutGetVolume
mixerGetDevCapsW
mixerGetLineInfoW
mixerSetControlDetails
waveOutSetVolume
mixerGetControlDetailsW
mixerGetLineControlsW
mixerOpen
joyGetDevCapsW
mixerClose
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
comctl32
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
psapi
GetProcessImageFileNameW
GetModuleFileNameExW
GetModuleBaseNameW
kernel32
FindNextFileW
FindClose
FileTimeToLocalFileTime
SetEnvironmentVariableW
Beep
OutputDebugStringW
CreateProcessW
GetFileAttributesW
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableW
GetLocalTime
GetDateFormatW
GetTimeFormatW
GetDiskFreeSpaceW
SetVolumeLabelW
CreateFileW
DeviceIoControl
GetDriveTypeW
GetVolumeInformationW
CreateDirectoryW
ReadFile
WriteFile
DeleteFileW
SetFileAttributesW
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameW
GetWindowsDirectoryW
GetTempPathW
GetFullPathNameW
GetShortPathNameW
GetModuleFileNameW
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
QueryDosDeviceW
CompareStringW
RemoveDirectoryW
CopyFileW
GetCurrentProcess
FormatMessageW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
WritePrivateProfileSectionW
SetEndOfFile
GetACP
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesW
LoadLibraryExW
GlobalSize
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCommandLineA
GetCommandLineW
ExitProcess
GetModuleHandleExW
HeapSize
HeapReAlloc
FindFirstFileW
MoveFileW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
RaiseException
GetCPInfo
GetVersionExW
GetModuleHandleW
GetProcAddress
GetLastError
CreateMutexW
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentDirectoryW
GetSystemTimeAsFileTime
SetErrorMode
InitializeCriticalSection
SetCurrentDirectoryW
Sleep
GetTickCount
MulDiv
InitializeSListHead
RtlUnwind
HeapAlloc
HeapFree
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
EncodePointer
GetProcessHeap
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
ReadConsoleW
WriteConsoleW
LoadLibraryW
VirtualQuery
HeapQueryInformation
user32
RedrawWindow
SetParent
GetClassInfoExW
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongW
DefDlgProcW
CallWindowProcW
CheckRadioButton
IntersectRect
PtInRect
CreateDialogIndirectParamW
CreateAcceleratorTableW
DestroyAcceleratorTable
InsertMenuItemW
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoW
IsMenu
GetMenuItemInfoW
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuW
DestroyMenu
TrackPopupMenuEx
CreateIconIndirect
GetDesktopWindow
CopyImage
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetTopWindow
GetWindowRect
GetClientRect
SystemParametersInfoW
AdjustWindowRectEx
DrawTextW
SetRect
GetIconInfo
SetWindowTextW
IsWindowVisible
CheckMenuItem
MessageBoxW
LoadImageW
ChangeClipboardChain
SetClipboardViewer
EnableMenuItem
GetMenu
MapWindowPoints
RegisterClassExW
LoadCursorW
DestroyIcon
DestroyWindow
IsCharAlphaW
MapVirtualKeyW
MapVirtualKeyExW
SetDlgItemTextW
GetWindowTextW
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
IsCharUpperW
IsCharLowerW
IsCharAlphaNumericW
ToUnicodeEx
GetKeyboardLayout
CallNextHookEx
CharLowerW
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameW
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageW
FindWindowW
EndDialog
IsWindow
DispatchMessageW
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongW
RemovePropW
SetPropW
GetPropW
FlashWindow
SetMenu
ExitWindowsEx
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetLastInputInfo
GetCursor
ClientToScreen
CreateWindowExW
ScreenToClient
IsDialogMessageW
SendMessageW
IsWindowEnabled
GetWindowLongW
GetKeyState
TranslateAcceleratorW
KillTimer
PeekMessageW
GetFocus
GetDlgItem
SendDlgItemMessageW
DialogBoxParamW
SetForegroundWindow
DefWindowProcW
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageW
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthW
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
GetGUIThreadInfo
SetActiveWindow
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageW
SetTimer
GetParent
GetDlgCtrlID
CharUpperW
IsClipboardFormatAvailable
EnumChildWindows
MessageBeep
MoveWindow
VkKeyScanExW
GetQueueStatus
LoadAcceleratorsW
gdi32
SetBrushOrgEx
SetBkMode
GetCharABCWidthsW
GdiFlush
CreateDIBSection
FillRgn
GetClipRgn
GetClipBox
EnumFontFamiliesExW
ExcludeClipRect
SetTextColor
SetBkColor
GetPixel
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectW
GetTextMetricsW
GetTextFaceW
SelectObject
GetStockObject
CreateDCW
CreateSolidBrush
CreateFontW
CreatePatternBrush
GetDeviceCaps
DeleteObject
comdlg32
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
GetUserNameW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegConnectRegistryW
shell32
ExtractIconW
DragQueryPoint
SHEmptyRecycleBinW
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ole32
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal
oleaut32
SysFreeString
SafeArrayGetLBound
SafeArrayDestroy
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysStringLen
GetActiveObject
Sections
.text   Size: 660KB - Virtual size: 659KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 159KB - Virtual size: 158KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 10KB - Virtual size: 32KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 165KB - Virtual size: 164KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ