31e539223896ad33ec5f203b085164b117c53063bbda4c03210c9e336fd4110d

Sharing

Copy URL Twitter E-mail

General

Target

31e539223896ad33ec5f203b085164b117c53063bbda4c03210c9e336fd4110d
Size

140KB
MD5

206a7f2e4f60138ea520779c87c2b08e
SHA1

b1612b9e6149fb031b5195fcc301913affbb0453
SHA256

31e539223896ad33ec5f203b085164b117c53063bbda4c03210c9e336fd4110d
SHA512

e19510b3bf4fad24b2c732f492ced6d2031b472ea9178d6971360c5cce639b0bd3609e93bd3d0c558ac488a7c70dbd9b93024c27aca90a6a9289387f016154b1
SSDEEP

1536:UWr2j9B7mFWB3Qu8csHFvVTPsu0Jfvn3eiKhv9vFHEcerTrpNK/+5c3Ns8jcdy7J:UW21MlyJX3ethvNFkcwC+3ySp7tq

Score

N/A

Malware Config

Signatures

Files

31e539223896ad33ec5f203b085164b117c53063bbda4c03210c9e336fd4110d
.exe windows x86

5e8055b68ea8bb21a51e98bf10244aa7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
FreeLibrary
GetProcAddress
GetModuleHandleA
lstrcmpiA
IsDBCSLeadByte
LeaveCriticalSection
RaiseException
EnterCriticalSection
FindResourceA
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
DecodePointer
CreateMutexA
GetVersionExA
IsWow64Process
GetCurrentProcess
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
LocalFree
GetProcessHeap
CreateFileW
WriteConsoleW
LoadLibraryExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetModuleFileNameA
MultiByteToWideChar
GetFileSize
FlushFileBuffers
SetEndOfFile
WriteFile
SetFilePointer
ReadFile
GetFileSizeEx
GetLastError
CreateDirectoryA
MoveFileExW
GetModuleFileNameW
GetOEMCP
GetACP
IsValidCodePage
GetConsoleCP
GetModuleHandleExW
ExitProcess
GetConsoleMode
SetFilePointerEx
GetFileType
GetStdHandle
LCMapStringW
CloseHandle
GetSystemTimeAsFileTime
CreateThread
CreateFileA
IsDebuggerPresent
OutputDebugStringW
EncodePointer
GetStringTypeW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
IsProcessorFeaturePresent
AreFileApisANSI
GetCommandLineA
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW

user32

DefWindowProcA
DestroyWindow
GetClassNameA
GetWindow
GetWindowTextA
EnumWindows
SendMessageA
CharNextA

advapi32

SetNamedSecurityInfoA
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
OpenProcessToken
RegDeleteKeyA
SetEntriesInAclA
AllocateAndInitializeSid
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetFolderPathA

ole32

CoTaskMemRealloc
CoInitialize
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString

comctl32

InitCommonControlsEx

crypt32

CertAddEncodedCertificateToStore
CertOpenSystemStoreA
CertCloseStore

winmm

waveOutSetVolume
waveOutGetVolume

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e8055b68ea8bb21a51e98bf10244aa7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

crypt32

winmm

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 488B

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 488B