c:\Users\DODO\Downloads\Gather_as_105046711200\NetBIOS Enumerater\Release\NetBIOS Enumerater.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c844e56bd39ad5d3f3fadc5e99176cc0N.exe
Resource
win7-20240705-en
General
Target: c844e56bd39ad5d3f3fadc5e99176cc0N.exe
Size: 506KB
MD5: c844e56bd39ad5d3f3fadc5e99176cc0
SHA1: 876c920dfde275b2ddc92cf3e6a4f92e50ade1da
SHA256: a5bdc3a8cbf6f401ea415c19ae8fe352d3ce9ad65963470307bdd974e0aa1ba9
SHA512: 235f9ef6a1209c11a6acbc124bcc9bf0c0dfc40517bc3f031424e3462de171cd218c6e7a173329026ed407003a62dc99771b1607b97244742bbd3e3d51b9528d
SSDEEP: 6144:T4p06YZxFrAfp9NlOvTULvRf71SWZsYM+VX+bUOGcLZo3nU:UxYL2fpsvUfhxvVX+9Z0U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c844e56bd39ad5d3f3fadc5e99176cc0N.exe
Files
c844e56bd39ad5d3f3fadc5e99176cc0N.exe.exe windows:4 windows x86 arch:x86
5e4c9876b64a80af1485cc4432ca3dfd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
gethostbyaddr
ntohl
setsockopt
htonl
bind
sendto
recvfrom
inet_addr
gethostname
inet_ntoa
WSAGetLastError
WSAStartup
gethostbyname
socket
htons
connect
closesocket
WSACleanup
send
recv
comctl32
ImageList_Create
ord17
ImageList_GetImageCount
ImageList_ReplaceIcon
PropertySheetA
mpr
WNetCancelConnectionA
WNetCancelConnection2A
WNetAddConnection2A
kernel32
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
LocalFree
FormatMessageA
lstrcpyA
lstrcatW
SetLastError
lstrlenW
MultiByteToWideChar
GetProcAddress
GetLastError
LoadLibraryA
GetVersionExA
Sleep
GetCurrentProcess
WaitForMultipleObjects
CreateThread
TerminateThread
SizeofResource
LoadResource
FindResourceA
LoadLibraryExW
LoadLibraryExA
WideCharToMultiByte
lstrlenA
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
EnumSystemLocalesA
GetStringTypeA
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
FatalAppExitA
DeleteCriticalSection
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
LCMapStringW
LCMapStringA
GetCurrentThread
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetOEMCP
GetACP
IsValidLocale
InterlockedCompareExchange
IsValidCodePage
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetConsoleCtrlHandler
InterlockedExchange
HeapSize
GetTimeZoneInformation
CreateFileA
CloseHandle
GetLocaleInfoW
ReadFile
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
InterlockedDecrement
InterlockedIncrement
HeapAlloc
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
GetCPInfo
user32
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
GetDlgItem
SetWindowPos
PostQuitMessage
GetMessagePos
MapWindowPoints
LoadMenuA
ClientToScreen
GetSubMenu
EnableMenuItem
ModifyMenuA
LoadIconA
DestroyMenu
DialogBoxParamA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSystemMenu
AppendMenuA
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextA
MessageBoxA
SetWindowTextA
SendMessageA
PostMessageA
GetDlgItemTextA
EndDialog
LoadCursorA
EnableWindow
TrackPopupMenu
gdi32
DeleteObject
advapi32
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
CloseServiceHandle
RegEnumKeyA
RegConnectRegistryA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
AbortSystemShutdownA
InitiateSystemShutdownA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
shell32
ShellExecuteA
Sections
.text Size: 273KB - Virtual size: 273KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ