srb13f[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

srb13f.exe
Size

222KB
MD5

52679c9cd0b471558fd6cbbb0d75552c
SHA1

d6474a8eafcdf0f6a627a74bd2a90cf1e95e8d52
SHA256

4303e4dbf5b3088a84e266f3857dba5e2de1a47b5771726e5e66b5072014d099
SHA512

cc13d20222bacbb48805f2ec037d2c1bce75a70da4577d1682245d5407432f85e76188e4bcb5801818db4b4abd8dcbb2cfb3197ca38c5cdd4ffdc86c21226b78
SSDEEP

3072:hXutLpt+8yXBESbsAY04OzEvEhcdLRCc+T8ctQrzb9Hi9+WPd4QX6qXG:hS7AeOzEvEuBctQrzb9hqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
srb13f.exe

Files

srb13f.exe
.exe windows:4 windows x86 arch:x86

f5285438931072b1a7884077c6913b06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cncs32

ord4
ord69
ord150
ord70
ord159
ord16
ord46
ord47
ord58
ord77
ord6
ord78
ord42
ord64
ord24
ord158
ord81
ord23
ord43
ord120
ord3
ord2
ord33
ord179
ord178
ord30
ord146
ord167
ord176
ord140
ord151
ord104
ord147
ord36
ord89
ord165
ord90
ord141
ord136
ord109
ord163
ord166
ord92
ord94
ord93
ord91
ord52
ord168
ord138
ord56
ord162
ord108
ord19
ord50
ord76
ord68
ord32
ord181
ord180
ord206
ord57
ord35
ord148
ord73
ord83
ord55
ord29
ord137
ord118
ord119
ord117
ord86
ord98
ord61
ord125
ord60
ord132
ord131
ord34
ord80
ord54
ord48
ord133
ord129
ord75
ord143
ord177
ord115
ord149
ord169
ord116
ord66
ord185
ord106
ord171
ord107
ord173
ord172
ord112
ord113
ord114
ord88
ord96
ord160
ord111
ord95
ord161
ord71
ord101
ord18
ord65
ord12

winmm

joyGetPos
timeGetTime

kernel32

GlobalUnlock
GlobalFree
GlobalLock
GlobalSize
GlobalReAlloc
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
GetVersion
GlobalAddAtomA
GlobalDeleteAtom
CreateProcessA
GetExitCodeProcess
LocalFree
GetPrivateProfileIntA
GlobalAlloc
lstrcpy
lstrcmp
lstrcat
lstrlen
GetModuleFileNameA
_hread
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetTickCount
_llseek
_lread
_lcreat
_lopen
_lclose
LocalAlloc
GetTempPathA
GetTempFileNameA
_lwrite
lstrcpyA
lstrlenA
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
ExitProcess
GetOEMCP
GetACP
GetCPInfo
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
DeleteFileA
GetLastError
HeapAlloc
GetStringTypeA
GetStringTypeW
VirtualAlloc

user32

GetUpdateRect
PostQuitMessage
RegisterClassA
RegisterClassExA
LoadImageA
LoadIconA
GetClassNameA
GetTopWindow
SetCapture
GetCursorPos
SetCursorPos
ReleaseCapture
ShowCursor
GetFocus
GetPropA
SetPropA
CallWindowProcA
RemovePropA
GetSystemMetrics
IntersectRect
RedrawWindow
GetDesktopWindow
IsDlgButtonChecked
CheckRadioButton
GetActiveWindow
IsWindowVisible
GetWindowRect
IsZoomed
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
UpdateWindow
LoadMenuIndirectA
LoadMenuA
GetSubMenu
InvalidateRect
ShowWindow
DestroyMenu
GetMenu
wsprintfA
SetWindowTextA
GetMenuItemCount
GetMenuState
DeleteMenu
FillRect
SetMenu
IsIconic
CheckMenuItem
EnableMenuItem
PostMessageA
GetKeyState
SendMessageA
GetWindow
SetForegroundWindow
WinHelpA
BeginPaint
EndPaint
ClientToScreen
PtInRect
GetDC
ScreenToClient
ReleaseDC
GetDlgItem
MapVirtualKeyA
SetTimer
SetDlgItemTextA
KillTimer
SendDlgItemMessageA
GetDlgItemTextA
EndDialog
LoadStringA
MessageBoxA
CopyRect
OffsetRect
GetInputState
PeekMessageA
SetFocus
GetDlgCtrlID
EnumThreadWindows
GetAsyncKeyState

gdi32

GetStockObject
DeleteObject
CreateSolidBrush
CreatePalette
SelectObject
LineTo
MoveToEx
Rectangle
CreateHatchBrush
CreatePen
StretchDIBits
SelectPalette
RealizePalette
CreateFontIndirectA
GetObjectA
GetTextExtentPointA
GetSystemPaletteEntries
GetDeviceCaps

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 915B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TEXT_1
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5285438931072b1a7884077c6913b06

Headers

File Characteristics

Imports

cncs32

winmm

kernel32

user32

gdi32

advapi32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 1024B - Virtual size: 915B

.data Size: 13KB - Virtual size: 18KB

.idata Size: 5KB - Virtual size: 5KB

TEXT_1 Size: 41KB - Virtual size: 41KB

.rsrc Size: 55KB - Virtual size: 55KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 1024B - Virtual size: 915B

.data
Size: 13KB - Virtual size: 18KB

.idata
Size: 5KB - Virtual size: 5KB

TEXT_1
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 13KB - Virtual size: 13KB