Static task: static1
Behavioral task: behavioral1
Sample: 31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883.exe
Resource: win10v2004-20230915-en
General
Target: 31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883
Size: 730KB
MD5: 107e07a44a2d7c4695fce15aac127ce5
SHA1: 6f16f9a9bfa5ed2e55b71d61e598a8d2fd6bdd26
SHA256: 31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883
SHA512: de820da873836e18be9901de15a8d75b46da7366ce8d842ac98825d9990ec96c28448cbca3dcae92978892abac8aa5fe27d357553700217630f8e8b62028ddad
SSDEEP: 12288:n9Sqw58sd1OgCZuoy9fEiboWm0BHQEnuV+m4mj26zc92idYB1Tc7l9oXT/nEi7Iy:n08sd1REib6mHQL4ODzaYB1NEiR3U/Kb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883
Files
31c850f8ce3e9549f657208d62ef99c4079302c6ec0c17c54a09fca231dce883.exe windows:6 windows x86
1a9db3936ada88058e6cb94b93f7234d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcatA
lstrlenA
FindResourceA
MoveFileA
SystemTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
lstrcpyA
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
WriteConsoleW
CreateFileW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
lstrcmpiA
SizeofResource
LoadResource
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
FreeResource
GetSystemDirectoryA
GetTickCount
GetCurrentThreadId
ExitProcess
Sleep
CreateMutexA
ReleaseMutex
GetProcessHeap
HeapFree
GetCommandLineA
HeapAlloc
SetLastError
GetLastError
SetUnhandledExceptionFilter
CloseHandle
GetTempPathA
WriteFile
SetFileTime
SetFilePointer
SetFileAttributesA
ReadFile
LocalFileTimeToFileTime
GetFileAttributesA
DeleteFileA
CreateFileA
GetCurrentProcessId
GetConsoleOutputCP
FlushFileBuffers
HeapSize
RaiseException
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
HeapReAlloc
GetCurrentThread
OutputDebugStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
SetConsoleCtrlHandler
DecodePointer
user32
GetMessageA
wsprintfA
PostThreadMessageA
GetInputState
advapi32
GetUserNameA
StartServiceA
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegSetValueExA
RegSetKeySecurity
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
SetFileSecurityA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
GetAce
FreeSid
EqualSid
AllocateAndInitializeSid
AddAce
AddAccessAllowedAce
netapi32
NetUserGetLocalGroups
NetApiBufferFree
Sections
.text Size: 301KB - Virtual size: 305KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 414KB - Virtual size: 414KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ