31bfb20b81959835a2e884cfaf7b21a8486a7dedbe9e59076b69a86073e9b5c9

Sharing

Copy URL Twitter E-mail

General

Target

31bfb20b81959835a2e884cfaf7b21a8486a7dedbe9e59076b69a86073e9b5c9
Size

397KB
MD5

004f8b1dff37a033a8f250c63c58be9e
SHA1

a30597fed280fb09eee8816531d21922886fcbe1
SHA256

31bfb20b81959835a2e884cfaf7b21a8486a7dedbe9e59076b69a86073e9b5c9
SHA512

f31de21aacaf34683a75a1da6bb09e643b5149ad9af29a0cbc7299e8735c56e7214ccc1ecd63f8bff3b73edf9896c25b99d20997485e11b86445a0a899135b50
SSDEEP

6144:hCd7HxK7FmNeDBGw4hwrW33o2E3m3sQ+O/2MGbBEbr+K4cPOxAfQed3CoD1drsgX:0o2gm3sQVxGlEb2KOKQUfrsgBj3eUeu

Score

N/A

Malware Config

Signatures

Files

31bfb20b81959835a2e884cfaf7b21a8486a7dedbe9e59076b69a86073e9b5c9
.exe windows x86

7d9b1b19907cf4fdfc167c9f2eb4f4bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
lstrcpyA
CloseHandle
CreateFileW
IsProcessorFeaturePresent
HeapReAlloc
WriteConsoleW
SetStdHandle
HeapSize
LoadLibraryW
RtlUnwind
GetStringTypeW
LCMapStringW
Sleep
HeapFree
LeaveCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryA
FindClose
GetProcAddress
GetLastError
FindFirstFileA
lstrlenW
lstrcatA
WideCharToMultiByte
MultiByteToWideChar
GlobalAlloc
GetTickCount
HeapAlloc
lstrlenA
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
FlushFileBuffers
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
EnterCriticalSection
ExitProcess
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA

user32

CopyRect
DrawFrameControl
SetWindowTextA
GetSystemMetrics
DefMDIChildProcA
ShowScrollBar
IsDlgButtonChecked
CreatePopupMenu
ClientToScreen
GetWindowRect
GetWindowDC
DrawTextA
GetFocus
IsWindowEnabled
ShowWindow
SendMessageA
BeginPaint
GetClientRect
GetWindowTextA
TrackPopupMenuEx
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
GetCursorPos

gdi32

DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn

advapi32

AddAccessAllowedAce

shell32

SHGetFolderPathW

comctl32

ord17

gdiplus

GdipCreateBitmapFromFile
GdipDisposeImage
GdipCreateHBITMAPFromBitmap

uxtheme

DrawThemeBackground

powrprof

GetPwrCapabilities

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 512B - Virtual size: 481B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d9b1b19907cf4fdfc167c9f2eb4f4bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

gdiplus

uxtheme

powrprof

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 211KB - Virtual size: 218KB

.flat Size: 7KB - Virtual size: 6KB

.edata Size: 1KB - Virtual size: 1KB

.ddata Size: 512B - Virtual size: 481B

.rsrc Size: 90KB - Virtual size: 90KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 211KB - Virtual size: 218KB

.flat
Size: 7KB - Virtual size: 6KB

.edata
Size: 1KB - Virtual size: 1KB

.ddata
Size: 512B - Virtual size: 481B

.rsrc
Size: 90KB - Virtual size: 90KB

.reloc
Size: 8KB - Virtual size: 8KB