31b916cd6223993f27ab6debf6e571e691aedd8909a0da898bc3bd39efe00087

Sharing

Copy URL Twitter E-mail

General

Target

31b916cd6223993f27ab6debf6e571e691aedd8909a0da898bc3bd39efe00087
Size

39KB
MD5

0e6eec0739b0d108e49cb8ad530c12d0
SHA1

25647b2823e152a608594dfbcb2771d3c1fa7391
SHA256

31b916cd6223993f27ab6debf6e571e691aedd8909a0da898bc3bd39efe00087
SHA512

409f8c158022488909aff731db0ad0f17c1da8c0ecbac96fb9e9164b15bbcfd5571313226fe25b0c839cee7c0939499d73bf29752094a43b4c6349d9c5424f3c
SSDEEP

768:B90OGZSxhMjy2vGf57TuzBg3k/jFjsBx0EkqVwnOYOJXD8011L0:BiBjy2vGf5iBg0/Ax0gwnUJXD8U1L

Score

N/A

Malware Config

Signatures

Files

31b916cd6223993f27ab6debf6e571e691aedd8909a0da898bc3bd39efe00087
.exe windows x86

2a5aae458fc0d4b12c3c293f26469545

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LocalFree
GetLastError
LocalAlloc
FormatMessageW
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

_amsg_exit
_iob
fwprintf
_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_wsetlocale
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_wtoi
wcsstr
memset
_vsnwprintf
wprintf
_wcsicmp

ntdll

RtlGUIDFromString
RtlNtStatusToDosError

user32

LoadStringW

vaultcli

VaultCreateVault
VaultGetItemType
VaultSetInformation
VaultEnumerateItems
VaultRemoveItem
VaultAddItem
VaultCloseVault
VaultLockVault
VaultFree
VaultGetInformation
VaultOpenVault
VaultUnlockVault
VaultEnumerateVaults
VaultLoadVaults
VaultUnloadVaults
VaultCopyVault
VaultEnumerateItemTypes

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a5aae458fc0d4b12c3c293f26469545

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

vaultcli

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 968B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 18KB - Virtual size: 21KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 968B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 18KB - Virtual size: 21KB