c31d96ac50eaa94bc681102aab4f32dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c31d96ac50eaa94bc681102aab4f32dc
Size

123KB
MD5

c31d96ac50eaa94bc681102aab4f32dc
SHA1

d4ae4c48de5f3c9eb3f16ae86f234ff3ec8ad519
SHA256

af68501a583a1cd3774d3872a3307e31725731e7556f4bc4faee04fa2ecd8060
SHA512

9b8f617ec5a75b342d27728cadf6994f3bd6e38866ea4ab848b4a29aabf2e5077796983fa5fd21f3ee536bf1481e26e1cd7180171846ac242494be0ef8f470aa
SSDEEP

3072:ZtTX3QADwdZLnuEGyzjaSHwXWvY5l3sdmh9pL5jMvsYx:zo5GyzOSqEENdiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c31d96ac50eaa94bc681102aab4f32dc

Files

c31d96ac50eaa94bc681102aab4f32dc
.exe windows:5 windows x86 arch:x86

17209f80b4401c8c7b5c9a21e12aff81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\Fpvah\fuQLHwf\bqtpc.pdb

Imports

comdlg32

PrintDlgW
GetSaveFileNameW

kernel32

GetBinaryTypeW
GetCurrentDirectoryW
lstrcatW
CreateDirectoryA
SetThreadExecutionState
CancelIo
SetHandleInformation
lstrlenW
GetTickCount
HeapFree
GetStartupInfoW
GetSystemWindowsDirectoryA
GlobalFlags
LocalFileTimeToFileTime

user32

IsCharAlphaA
SendMessageW
RemoveMenu
wsprintfW
GetShellWindow
DrawTextW
DrawIconEx
HideCaret
GetCursorPos
GetKeyState
CloseDesktop
GetMenuItemCount
DeleteMenu

gdi32

LineDDA
SetBitmapDimensionEx
EndPath
GetTextExtentPointA
ResizePalette
RoundRect
GetFontData
BitBlt
RectVisible

Exports

Exports

?eVElgjD@@YGPAFPAE@Z
?onyduofrbhskpruhEzy@@YGHI@Z
?lMdlfNuiobLWgdgNpbo@@YGI_N@Z
?xyYqgyAqul@@YGKDF@Z
?wakQTYBQs@@YGXF@Z
?lyjtqDxEgs@@YGIPAIF@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ