c31f8a570211d2af1259f5b7f2c4027c

General

Target

c31f8a570211d2af1259f5b7f2c4027c
Size

442KB
MD5

c31f8a570211d2af1259f5b7f2c4027c
SHA1

5d239f777e083a0a14ee4b7e82af97f594752689
SHA256

aa8233b107ae1f56a699c164fceab436d446e6e4e3da497a83c16e317bc5c7f5
SHA512

6dffe7e722d6588600c5f15a6817baedb6302becab6bddeed2022e54d458b46e321e7fe9f40d50ffbb5997b41f4ee913ddb900445e9bdd5e5fba80e335ddc1a6
SSDEEP

6144:25mDkmsp0Pavf9lyDK1Joyrj4l5Jmt1YBkpnhg7lotJDrvMNzhTBb6FIW6:bkmsp029QKQSj4TJmtCjxkBrvMNP6I7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c31f8a570211d2af1259f5b7f2c4027c

Files

c31f8a570211d2af1259f5b7f2c4027c
.exe windows:4 windows x86 arch:x86

9b685ddf2fa1b38d4c5dfb6d8f8fbf1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
TlsGetValue
TerminateProcess
MultiByteToWideChar
GetUserDefaultLCID
RtlUnwind
EnumDateFormatsA
InitializeCriticalSection
HeapAlloc
CompareStringW
RemoveDirectoryA
GetModuleHandleA
UnhandledExceptionFilter
VirtualQuery
GetTickCount
GetStdHandle
GetCurrentThreadId
GetAtomNameA
GetDateFormatA
SetConsoleTitleA
QueryPerformanceCounter
LeaveCriticalSection
GetSystemInfo
WideCharToMultiByte
SystemTimeToFileTime
VirtualProtect
CreateProcessW
FormatMessageA
FreeEnvironmentStringsW
GetLocaleInfoA
GetCommandLineA
VirtualFree
EnumTimeFormatsA
GetFileType
TlsAlloc
CommConfigDialogW
GetStartupInfoA
EnterCriticalSection
LocalLock
GetLocaleInfoW
GetModuleFileNameA
HeapFree
GetProcAddress
HeapDestroy
SetLastError
IsBadWritePtr
VirtualAlloc
FreeEnvironmentStringsA
GetStringTypeA
CompareFileTime
LoadLibraryA
DeleteAtom
DeleteCriticalSection
GetACP
GetCurrentProcess
GetEnvironmentStrings
SetHandleCount
GetLastError
GetSystemTimeAsFileTime
WriteFile
TlsFree
GetTimeZoneInformation
GetOEMCP
LCMapStringW
GlobalSize
IsValidCodePage
GetCPInfo
GetVersionExA
CompareStringA
GetCurrencyFormatW
HeapReAlloc
LCMapStringA
InterlockedExchange
HeapSize
GetTimeFormatA
TlsSetValue
lstrcatW
IsValidLocale
GetCurrentThread
GetStringTypeW
ExitProcess
HeapCreate
GetCurrentProcessId
EnumSystemLocalesA
GetEnvironmentStringsW

comdlg32

GetOpenFileNameW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b685ddf2fa1b38d4c5dfb6d8f8fbf1c

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 7KB - Virtual size: 35KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 7KB - Virtual size: 35KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 16KB - Virtual size: 16KB