c31a6057cecb574c1ed56054008925f62e00c307a5f7d9cfac70507ea0c56c58

Sharing

Copy URL

Twitter E-mail

General

Target

c31a6057cecb574c1ed56054008925f62e00c307a5f7d9cfac70507ea0c56c58
Size

27KB
MD5

9137716881a4397f7cf06b90ce0ded9b
SHA1

b4626c7c8b42940cc86750d85504234d3c3b91e4
SHA256

c31a6057cecb574c1ed56054008925f62e00c307a5f7d9cfac70507ea0c56c58
SHA512

ffef72d07ed35e2bc65f62bc66689ecb6ca1157dd076dba8dd21b34d3766f8e7fa4a8bb3eaa35c8533a7700f91843f3264516504b1d752cecc757d9f5e6bdc0b
SSDEEP

768:YlwyRobUG+c+INdNJUq8agqH2rbJ1ZfXW7V:86I1xcN58agVJ1lWh

Score

N/A

Malware Config

Signatures

Files

c31a6057cecb574c1ed56054008925f62e00c307a5f7d9cfac70507ea0c56c58
.exe windows x86

4b1149d8d55522ce17076e2b4609dfd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
lstrlenA
VirtualAlloc

msvcrt

_mbsnbset
_ismbstrail
is_wctype
_pipe
memcmp
_adj_fptan
tmpnam
_j1
setbuf
swscanf
_getdcwd
_strdup
_dup

user32

CharToOemA
CopyAcceleratorTableW
CreateAcceleratorTableW
DlgDirListComboBoxA
WaitForInputIdle
UnloadKeyboardLayout
TileWindows
SetShellWindow
SetLastErrorEx
MessageBoxW
MessageBeep
IsHungAppWindow
ImpersonateDdeClientWindow
GetMonitorInfoA
GetMenuItemID
EnumDisplaySettingsExW
EnumDisplayDevicesW
DrawTextA

advapi32

LogonUserW
CheckTokenMembership
CredDeleteA
SetPrivateObjectSecurityEx
OpenTraceA
MapGenericMask
LsaSetQuotasForAccount
LsaCreateTrustedDomain
LsaCreateAccount
ChangeServiceConfigA
GetExplicitEntriesFromAclW
ElfReportEventA
CryptSetProviderW
CryptEncrypt
CredRenameW
CredMarshalCredentialW

ntdll

RtlLookupElementGenericTable
RtlRunEncodeUnicodeString
ZwAccessCheckAndAuditAlarm
NtQueryMultipleValueKey

shell32

ord178
SHOpenFolderAndSelectItems
ord64
SHLoadNonloadedIconOverlayIdentifiers
SHGetUnreadMailCountW
SHGetPathFromIDListW
SHGetMalloc
SHGetDiskFreeSpaceA
ord51
ord49
ord41
InternalExtractIconListW
InternalExtractIconListA
ord21
ord19
FreeIconList
FindExecutableW

comctl32

ord337
ImageList_Draw
ord386
ord385
UninitializeFlatSB
ord14
ord17
ImageList_SetImageCount
ImageList_SetFlags
ImageList_Read
ImageList_EndDrag
CreateToolbarEx
ImageList_DragShowNolock
ImageList_DragLeave
GetMUILanguage
FlatSB_SetScrollInfo
ord413
ord324
ord338

version

VerFindFileW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerInstallFileW
VerQueryValueA

gdi32

AbortDoc
AddFontResourceA
BeginPath
CreateDIBPatternBrushPt
CreatePolygonRgn
FillPath
GdiDeleteSpoolFileHandle
GdiGetDC
GetGlyphOutline
GetObjectW
GetPath
GetSystemPaletteEntries
GetTextExtentPoint32A
Polyline
RectInRegion
SetBkColor
SetTextJustification

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b1149d8d55522ce17076e2b4609dfd1

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

ntdll

shell32

comctl32

version

gdi32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1000B