31b837d3682681d13ac7431ae1e5061f39c3989adbcdc07ba3c16d259fc0e4aa[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

31b837d3682681d13ac7431ae1e5061f39c3989adbcdc07ba3c16d259fc0e4aa.exe
Size

576KB
MD5

0652e80ff6195d176fdaf8e2b4275370
SHA1

ab41b7f88b4814e7fab8d0057123ba532700fe89
SHA256

31b837d3682681d13ac7431ae1e5061f39c3989adbcdc07ba3c16d259fc0e4aa
SHA512

8d5819a44c0de8700164c89b455bd6cc38eea2025ef187f07913ea3abebb9b637698aa515fb30a4b3af76a377917b9ca14137a18ed7e66d05c6cb9e893b47623
SSDEEP

12288:NrfTQEGvfYu7MUAfZ/au7t+04UXHuXGzB/xNEZvR/:icSG95CZvF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31b837d3682681d13ac7431ae1e5061f39c3989adbcdc07ba3c16d259fc0e4aa.exe

Files

31b837d3682681d13ac7431ae1e5061f39c3989adbcdc07ba3c16d259fc0e4aa.exe
.exe windows:4 windows x86 arch:x86

7015573c0e818fac92271225c1dea0b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

ZMINVER
PropertiesEx
ZPREXTEND
DITTA
GetLeftChar
ISAMExvInterpreter
GetAllocMem
FreeMemory
GetMemory
XRS2
XRS1
pFrmtBuffer
VARLIST
TABOffset
RestoreKeyBuffers
RPEE
RFLV
RPED
CheckProto
SaveKeyBuffers
SearchString
StrToUpper
GetPartOfString
ZMINVERUX
ZTRADVER
SaveLocalData
FormatSearchGraph
FRMCheckFormGraph
FRMSetNOTNameGraph
FormatDouble
BCXFreeDynaArray
BCXGetDynaArray
PHE
iProtMat
pszSaveCurrentModule
CheckDate
fd11
GetRightChar
InvertPeriod
fd1
FNCFE
MakeDirectory
AddSl
InvertDate
EDFormatWithFRMT
ZMIGL
fd3
fd10
StrAdd
pszCurrentModule
szTmpBuf
GR
TABSet
PHB
DBXISAMExvInterpreter
PHD
DBFILEINFO
RADDR
RCISSW
ZRCID
SkipRightBlk
iDBXError
SetString
PRINTINFO
strtrim
IDS_SPRING
TABJumpRowsExt
TABInitPrinterExt
TABWriteLineExt
ZPRDESEXT
TABCheckIntrExt
bModuleRequired
CreateSharedMem
TABClosePrinting
pShMem
pVersione
RemoveSharedMem
GetSharedMemPtr
pszSUBProto
bOptimizeSearch
iNewFrmSpec
PROGC
psArgv
iArgc
GetDate
pvTerminateProgram
BcxExit
ZSRVVER
GetTSRHandlers
ZSYSTEM
DBXAccess
SetPROFSettings
PRNClosePrinter
PR
PHP
WS
BCXMessageBox
ZPPID
FormatNumber
IDS_QUADRO
RestoreLocalData
pInfoExe

bc32ui

WgsSetUncheckedKeys
NCK
NRRI
NRCI
RCMEM
WgsMemoryList
wKeyFlags
cRowsRI
cColsRI
RI
TRIC
RCNOID
RIPBOX
szProgramName
ZNUMDEC
pszID
WgsSetEnabledKeys
WgsMessageBox
WgsDefineWindow
WgsDrawScreenFrame
WgsDrawOutput
WgsFormatColumn
RCCHAN
RCMKEY
KYM
WgsSetDefinedKeys
NOIVA
CANVID
WgsFileList
ABC
pszWindowHeader
RRI
ZDECOD
RCI
WgsDrawScreen
WgsSetValidateInput
WgsGetVideoInput
WgsCheckInputData
WgsRestoreInputData
pszErrorMessage
WgsRestoreWindow
RO
RIF
RRA
RTAB
SYSDATEXT
RCSRCH
SearchSTR
SYSDAT
WgsInitData
WgsStartAppThread
WgsRunMainThreadLoop
WgsExitAppThread

kernel32

ExitProcess
TerminateProcess
GetCurrentProcessId
GetModuleHandleA
GetStartupInfoA
GetCurrentProcess
GetVersion
WideCharToMultiByte
GetCommandLineA
RaiseException
UnhandledExceptionFilter
GetProcAddress
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentStrings
GetFileType
HeapDestroy
GetStdHandle
VirtualFree
HeapFree
HeapCreate
WriteFile
GetLastError
RtlUnwind
HeapAlloc
GetExitCodeProcess
GetFileAttributesA
CloseHandle
CreateProcessA
WaitForSingleObject
MultiByteToWideChar
GetCPInfo
SetFilePointer
CompareStringW
GetACP
CompareStringA
SetEnvironmentVariableA
GetStringTypeA
GetOEMCP
VirtualAlloc
HeapReAlloc
GetStringTypeW
LoadLibraryA
SetStdHandle
LCMapStringW
FlushFileBuffers
LCMapStringA

user32

wsprintfA

Sections

.text
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7015573c0e818fac92271225c1dea0b6

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

user32

Sections

.text Size: 480KB - Virtual size: 479KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 80KB - Virtual size: 85KB

.rsrc Size: 4KB - Virtual size: 232B

.text
Size: 480KB - Virtual size: 479KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 80KB - Virtual size: 85KB

.rsrc
Size: 4KB - Virtual size: 232B