31c3a0e788ab864983e0336b9be6ee47a78de556ef1ef75eb14e04cafefeff97

Sharing

Copy URL Twitter E-mail

General

Target

31c3a0e788ab864983e0336b9be6ee47a78de556ef1ef75eb14e04cafefeff97
Size

296KB
MD5

ff521bf1e6d0eb7c516c7fdcdd99dc9d
SHA1

4836831c67981495fb161c7f5bf17a7691d3fbc0
SHA256

31c3a0e788ab864983e0336b9be6ee47a78de556ef1ef75eb14e04cafefeff97
SHA512

505a1b008d935a23f5e17d9fa139eb192f0b0c323cc541f327b27cc801d2afdb461996a382f5cf097a576f4b8beaaae79b5056577178c43e7a662da1b4067e1d
SSDEEP

6144:EmIAh8Bbq0pkIrx2Xxbbvqwgj5QledCzEbO0:EZBPZehMhdCz

Score

N/A

Malware Config

Signatures

Files

31c3a0e788ab864983e0336b9be6ee47a78de556ef1ef75eb14e04cafefeff97
.exe windows x86

6781ad0faf78512002c90e31d3902ad2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetUserObjectInformationW
LoadStringW
PeekMessageA
CreatePopupMenu
MenuItemFromPoint
EndPaint
CreateDialogIndirectParamA
GetDoubleClickTime
SetMessageQueue
GetQueueStatus

advapi32

LookupAccountSidA
CryptEnumProvidersW
CryptGetUserKey
CryptVerifySignatureW
RegQueryValueExW
CryptDuplicateKey
CryptEnumProvidersA
CryptGetHashParam
CryptEnumProviderTypesW
CryptEncrypt
StartServiceW
LookupAccountNameA
RegEnumKeyW

gdi32

RemoveFontResourceA

wininet

InternetGoOnlineA
SetUrlCacheConfigInfoA
FindNextUrlCacheEntryA
InternetGetCookieA

comdlg32

ReplaceTextW
ChooseFontW

kernel32

HeapReAlloc
VirtualQuery
GetEnvironmentStrings
GetStartupInfoA
FreeLibraryAndExitThread
HeapSize
HeapFree
GetSystemTimeAsFileTime
GetStdHandle
TlsGetValue
GetCommandLineA
FreeEnvironmentStringsW
TlsSetValue
GetStringTypeW
GetCurrentProcessId
IsValidCodePage
TerminateProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
IsDebuggerPresent
UnhandledExceptionFilter
SetHandleCount
TlsAlloc
QueryPerformanceCounter
GetDateFormatA
TlsFree
UnmapViewOfFile
GetTickCount
InterlockedDecrement
CompareStringA
Sleep
GetCurrentThread
InterlockedExchange
ExitProcess
MultiByteToWideChar
GetOEMCP
SetLastError
CompareStringW
GetTimeFormatA
GetUserDefaultLCID
HeapCreate
LoadLibraryA
GetEnvironmentStringsW
VirtualAlloc
GetLocaleInfoW
FreeLibrary
InterlockedIncrement
GetCPInfo
GetCurrentThreadId
RtlUnwind
GetACP
GetTimeZoneInformation
LCMapStringW
GetVersionExA
GetLastError
EnterCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualFree
SetConsoleCtrlHandler
InitializeCriticalSection
GetLocaleInfoA
GetProcAddress
HeapDestroy
SetEnvironmentVariableA
LCMapStringA
GetProcessHeap
WriteFile
GetStringTypeA
LeaveCriticalSection
DeleteCriticalSection
GetFileType
GetCurrentProcess
EnumSystemLocalesA
GetModuleHandleA
IsValidLocale
HeapAlloc

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6781ad0faf78512002c90e31d3902ad2

Headers

File Characteristics

Imports

user32

advapi32

gdi32

wininet

comdlg32

kernel32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 8KB - Virtual size: 38KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 8KB - Virtual size: 38KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 11KB - Virtual size: 10KB