c31e63ddf74305b3b71f3026f50b474d1f4d01c7795b5fc3898160ceca0b8ced

General

Target

c31e63ddf74305b3b71f3026f50b474d1f4d01c7795b5fc3898160ceca0b8ced
Size

76KB
MD5

a0c466716607a2e28819adf95d0c73e2
SHA1

af8382c89379c521e906f2f939166f6518ff15e0
SHA256

c31e63ddf74305b3b71f3026f50b474d1f4d01c7795b5fc3898160ceca0b8ced
SHA512

bdb2c99ddfdba347bfbaf9914304287c872d64f22dc3d3ed38e2e36139174d37db3f76cf571764d9a916088e64d74bc6092cf44a979f786efdc8f7a8c115d861
SSDEEP

768:DSSoH6l3JT7NO+z9dm2u81lKc8x2aIyzKXSnqsIRm834t1rafV4NzuiCYuWIGijT:D9ZdaIEgcGV/idVi8dx5OiZLNV6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c31e63ddf74305b3b71f3026f50b474d1f4d01c7795b5fc3898160ceca0b8ced

Files

c31e63ddf74305b3b71f3026f50b474d1f4d01c7795b5fc3898160ceca0b8ced
.exe windows:4 windows x86 arch:x86

5317f156f64967edb0eb69aff3e9fb9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorLength
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetKernelObjectSecurity

msvcrt

strrchr
localtime
mktime
_sopen
clearerr
_errno
strchr
_pctype
_isctype
strncpy
rename
strncmp
ftell
getc
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
fseek
__p__fmode
__set_app_type
_except_handler3
_controlfp
fread
__mb_cur_max
qsort
mblen
rand
time
srand
printf
getenv
putchar
signal
puts
setlocale
sprintf
malloc
sscanf
putc
fopen
setvbuf
fwrite
fgets
fputs
perror
exit
fprintf
fclose
fflush
_iob
realloc
free
_exit
_get_osfhandle
__p__commode
_fdopen
_setmode
_fileno
_isatty
_tzset
_putenv
_spawnlp
_getpid
_close
_read
_stat
_unlink
_chmod
_mktemp
_strupr
_utime
_fstat
_rmdir
_strcmpi

kernel32

GetProcessHeap
HeapAlloc
lstrlenA
CreateMutexW
InterlockedExchange
HeapFree
ReleaseMutex
InitializeCriticalSection
WaitForSingleObject
LeaveCriticalSection
GetDriveTypeA
EnterCriticalSection
GetLastError
FindNextFileA
lstrcpynA
SetConsoleMode
ReadFile
GetConsoleMode
FileTimeToSystemTime
GetFullPathNameA
FileTimeToLocalFileTime
CreateFileA
GetFileTime
GetVolumeInformationW
GetFileType
GetVersion
CloseHandle
FindClose
GetFileAttributesA
FindFirstFileA
GetCurrentProcess
GetVolumeInformationA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5317f156f64967edb0eb69aff3e9fb9c

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 314KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 314KB

.reloc
Size: 8KB - Virtual size: 5KB