8b31ef33ec2aa744e6f57c75239fad18

Sharing

Copy URL Twitter E-mail

General

Target

8b31ef33ec2aa744e6f57c75239fad18
Size

512KB
MD5

8b31ef33ec2aa744e6f57c75239fad18
SHA1

656afc0f40a0546d4bf83e3e15d9fa84bdab6d36
SHA256

7efa816830e0b005a6b7933961f5f5e16a5f797dee75bedf958a4fe5c8999b50
SHA512

642336fd370ba981674986624e12300dbf0e28acaf8a0b5d182d7492ed3a0234ac034fc3dcd99b8a497b3930a8fbfdc8a975996ccd5fe59a6a38905c3b7dec6d
SSDEEP

12288:KLTffKc1dxDJ4D3ysneJoKzvZpCcj1wlkX2i78UmBusDaYvY:KLTffKuDmvFKzv7zPD7VpP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b31ef33ec2aa744e6f57c75239fad18

Files

8b31ef33ec2aa744e6f57c75239fad18
.exe windows:4 windows x86 arch:x86

4102a12269911a988c8e70e755dbceb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

ExtractIconEx
SHChangeNotify
FindExecutableW
SHGetPathFromIDListA

kernel32

ExitProcess
GetCalendarInfoA
DeleteCriticalSection
GetLastError
TlsFree
GetLongPathNameA
GetPriorityClass
InterlockedExchange
GetFileType
SetStdHandle
GetTimeZoneInformation
GetModuleFileNameA
HeapCreate
GetModuleHandleA
OpenEventW
GetOEMCP
CompareStringA
GetDateFormatA
LeaveCriticalSection
GetCPInfo
OpenSemaphoreA
IsValidLocale
MoveFileExW
GetCurrentThreadId
FreeEnvironmentStringsA
GetCommandLineA
DeleteFileW
SetLastError
FillConsoleOutputCharacterW
LoadLibraryA
WideCharToMultiByte
GetStringTypeA
SetPriorityClass
HeapFree
GetStdHandle
QueryPerformanceCounter
SetEndOfFile
CompareStringW
GetLocaleInfoA
LCMapStringA
EnterCriticalSection
LCMapStringW
SetEnvironmentVariableA
VirtualAlloc
GetSystemInfo
WritePrivateProfileStructA
GetStringTypeExA
HeapAlloc
GetTickCount
GetStartupInfoW
TerminateProcess
GetCurrentProcessId
GetCurrentThread
GetACP
TlsSetValue
GetUserDefaultLCID
IsBadWritePtr
HeapReAlloc
GetCurrentProcess
InitializeCriticalSection
GetStringTypeW
GetStartupInfoA
GetEnvironmentStrings
FreeEnvironmentStringsW
LocalCompact
CreateMutexA
GetProcAddress
GetVersionExA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapSize
WriteProfileSectionA
WriteFile
VirtualQuery
ReadFile
GetModuleFileNameW
MultiByteToWideChar
IsValidCodePage
TlsGetValue
VirtualProtect
EnumSystemLocalesA
FindResourceA
GetCommandLineW
TlsAlloc
GetEnvironmentStringsW
SetHandleCount
CloseHandle
GetTimeFormatA
SetFilePointer
DebugActiveProcess
ResetEvent
FlushFileBuffers
OpenMutexA
GetLocaleInfoW
RtlUnwind
HeapDestroy
VirtualFree

gdi32

EnumMetaFile
GetPixel
CreateFontIndirectA
SetViewportExtEx

advapi32

CryptSetProviderW
RegQueryInfoKeyW
RegQueryValueExA
CryptEnumProviderTypesA

user32

WinHelpA
DdeUninitialize
IsWindowEnabled
DdeCreateStringHandleW
BlockInput
DdeReconnect
WINNLSGetIMEHotkey
SetScrollInfo
RegisterClassExA
DdeInitializeA
GetProcessDefaultLayout
LoadIconA
DrawAnimatedRects
ScrollWindowEx
CallMsgFilterW
SetUserObjectInformationW
GetKeyState
RegisterClassA

comdlg32

GetSaveFileNameA

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4102a12269911a988c8e70e755dbceb7

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

gdi32

advapi32

user32

comdlg32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 8KB - Virtual size: 39KB

.data Size: 355KB - Virtual size: 355KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 8KB - Virtual size: 39KB

.data
Size: 355KB - Virtual size: 355KB

.rsrc
Size: 9KB - Virtual size: 8KB