31a10a3c69714f962aa5fbed8d2be22e72f6d16ecbf896663fce23b5bd4c1613

Sharing

Copy URL Twitter E-mail

General

Target

31a10a3c69714f962aa5fbed8d2be22e72f6d16ecbf896663fce23b5bd4c1613
Size

746KB
MD5

4a81194c05617248c767b2bc18703ed0
SHA1

207829e2464022b68425f91a8ce55e11047824e0
SHA256

31a10a3c69714f962aa5fbed8d2be22e72f6d16ecbf896663fce23b5bd4c1613
SHA512

f8731ec18137a2350b307af9a5350eceb99f39e69a20bf643c944cd3ccef1979d9c4e644ed7d84a759e799c3603df53aa4b14926a341f73f904379d794a8481b
SSDEEP

12288:MbwkxUqsPi+JgmDeL3CdmO8UPlH2jXIN6EDfXKrmPfvvrmoejQpgc:MbwkguCdD8UPlWjTEDamfvMm

Score

N/A

Malware Config

Signatures

Files

31a10a3c69714f962aa5fbed8d2be22e72f6d16ecbf896663fce23b5bd4c1613
.exe windows x86

0704409b0249a3b97c5f021bdd0d3db5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegDeleteKeyA
RegEnumKeyExA
QueryServiceConfigA
SetServiceStatus
RegDeleteValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
IsValidSid
CopySid
GetLengthSid
AddAce
InitializeAcl
GetAclInformation
MakeSelfRelativeSD
GetSecurityDescriptorControl
GetSecurityDescriptorLength
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
MakeAbsoluteSD
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
GetAce
GetNamedSecurityInfoA
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

kernel32

CloseHandle
DeviceIoControl
CreateFileA
ReadFile
SetFilePointer
GetLastError
GetVersionExA
WriteFile
GetSystemDirectoryA
QueryDosDeviceA
GetDriveTypeA
WaitForMultipleObjectsEx
SetWaitableTimer
CreateWaitableTimerA
CreateThread
WaitForSingleObjectEx
CreateMutexA
ReleaseMutex
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SetEvent
SuspendThread
ResumeThread
LeaveCriticalSection
EnterCriticalSection
GetOverlappedResult
DisconnectNamedPipe
ConnectNamedPipe
CreateEventA
OpenProcess
WaitForSingleObject
CreateNamedPipeA
InitializeCriticalSection
DeleteCriticalSection
GetTempPathA
GetCurrentProcessId
InterlockedExchange
GetACP
GetLocaleInfoA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
SetLastError
LocalFree
Sleep
OpenMutexA
GetLocalTime
GetTickCount
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesExA
DeleteFileA
RemoveDirectoryA
MoveFileA
InterlockedCompareExchange
FormatMessageA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
ExitProcess
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
QueryPerformanceCounter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetOEMCP
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
SetEndOfFile
GetProcessHeap

user32

wsprintfA

Sections

.text
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0704409b0249a3b97c5f021bdd0d3db5

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 441KB - Virtual size: 441KB

.rdata Size: 151KB - Virtual size: 150KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 37KB - Virtual size: 37KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 441KB - Virtual size: 441KB

.rdata
Size: 151KB - Virtual size: 150KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 37KB - Virtual size: 37KB

.text
Size: 107KB - Virtual size: 108KB