31e243761751de74fda3b2fd228d31695bd0c00a26ec97fe6ca6855de2ebaebf

Sharing

Copy URL

Twitter E-mail

General

Target

31e243761751de74fda3b2fd228d31695bd0c00a26ec97fe6ca6855de2ebaebf
Size

419KB
MD5

38817734cff961ce59f2d3b30fb12956
SHA1

c5f78c71f3356ec8c250d9e34b2b2ddc2f5a5516
SHA256

31e243761751de74fda3b2fd228d31695bd0c00a26ec97fe6ca6855de2ebaebf
SHA512

16915e9ac119d9eb911a760fac05f47a40d9c2cc46f814fe8cc18df998ca2423799268121cfe07cea832df52aa92e1b33faf1fbd0010c7ef5b5820e6189c866b
SSDEEP

6144:qo9AUd+M9d6ppduagI1PNalfopaZ5qey5He+J/5BV9lshMc22H89F/Jtwks6ZRMj:pqi+M9d6pvuaN11Eopa0e4lsKN9xpsI

Score

N/A

Malware Config

Signatures

Files

31e243761751de74fda3b2fd228d31695bd0c00a26ec97fe6ca6855de2ebaebf
.exe windows x86

c8e3e3e6a65e9c6b7d6017ff13b3c5fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNamedPipeInfo
CreateHardLinkA
GetFullPathNameA
FindAtomA
GetLastError
TzSpecificLocalTimeToSystemTime
QueueUserAPC
GlobalReAlloc
RemoveDirectoryA
SetFileApisToOEM
GetSystemTimeAdjustment
FindFirstVolumeA
LocalFree
FindFirstVolumeMountPointA
GetCommModemStatus
EnterCriticalSection
IsBadReadPtr
EscapeCommFunction
WritePrivateProfileStructA
GetEnvironmentVariableA
GetCommProperties
GlobalDeleteAtom
ResumeThread
GlobalHandle
BeginUpdateResourceA
QueryPerformanceFrequency
GetPrivateProfileStructA
TransmitCommChar
GetLogicalDrives
LockFileEx
GetProcAddress
GetModuleHandleA
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
LoadModule
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapSize
LCMapStringW
LCMapStringA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
InterlockedExchange
FreeLibrary
GetCurrentDirectoryA
GetConsoleMode
GetProfileSectionA
GetExitCodeProcess
GetProcessVersion
SetSystemTimeAdjustment
IsDebuggerPresent
SetTapePosition
SetCriticalSectionSpinCount
DeleteTimerQueueEx
DuplicateHandle
ReadFile
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetModuleHandleW
Sleep
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
CloseHandle
SetHandleCount
GetFileType
SetFilePointer
WideCharToMultiByte
GetConsoleCP
CreateDirectoryA

user32

CloseDesktop
GetClassInfoExA
GetMenuState
ArrangeIconicWindows
ScreenToClient
InsertMenuA
IsCharAlphaNumericA
AttachThreadInput
DestroyWindow
GetMenu
AppendMenuA
EnableWindow
GetPropA
VkKeyScanA
SetProcessWindowStation
EnumDisplaySettingsExA
ClientToScreen
GetMenuInfo
DrawTextExA
InvalidateRgn
SetKeyboardState
SetThreadDesktop
GetClientRect
SetMenuDefaultItem
ToUnicodeEx
MessageBoxExA
GetClassLongA
UnregisterHotKey
ChangeDisplaySettingsA
SetFocus
CharLowerBuffA
HiliteMenuItem
GetCaretBlinkTime
SetClassLongA
GetThreadDesktop
GetMenuStringA
ShowOwnedPopups
AdjustWindowRect
TranslateAcceleratorA
GetUpdateRgn
GetSystemMetrics
IsCharAlphaA
GetMenuBarInfo
DragObject
GetMessageExtraInfo

advapi32

GetSecurityDescriptorOwner
LookupPrivilegeValueA
GetNumberOfEventLogRecords
LookupPrivilegeDisplayNameA
IsValidSid
SetKernelObjectSecurity
AddAccessAllowedObjectAce
AreAllAccessesGranted
IsTokenRestricted

Sections

.text
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c8e3e3e6a65e9c6b7d6017ff13b3c5fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 285KB - Virtual size: 285KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 98KB - Virtual size: 106KB

.text
Size: 285KB - Virtual size: 285KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 98KB - Virtual size: 106KB