31f0434f600fe781d681e7cfd9eea160N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

31f0434f600fe781d681e7cfd9eea160N.exe
Size

1.4MB
MD5

31f0434f600fe781d681e7cfd9eea160
SHA1

fa4c617b8609ab5b0967b4babf68959b43ccc9a6
SHA256

0d8a02d2f4ece93b2b79ea1e291cf6405561b474a141d08f0d1da47513d1231b
SHA512

55a03b6f37d116aec9367fa24955fc748b2e417ad83d580cc96bc9f3d156e847582a5e34e8b3155288fcdb3b036028e1de92173ae677392765328208110d411e
SSDEEP

24576:BDjFssFP4MuOl8YOQ67nizyhs1EbGK0BknGcKZNsHyLxSXUwc:B1Dygzea1EboOGcqNrpw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f0434f600fe781d681e7cfd9eea160N.exe

Files

31f0434f600fe781d681e7cfd9eea160N.exe
.dll regsvr32 windows:6 windows x86 arch:x86

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjet40.pdb

Imports

mswstr10

ord2
ord4
ord1

advapi32

GetUserNameA
OpenThreadToken
SetThreadToken
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetEnvironmentVariableA
ReadConsoleW
GetDriveTypeA
SetStdHandle
DisableThreadLibraryCalls
CreateFileA
DeleteFileA
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLocalTime
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetProcAddress
GetTempPathA
GetUserDefaultLCID
FindClose
FindFirstFileA
Sleep
LoadLibraryExA
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
GetFileSize
GetFileType
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ResumeThread
GetSystemInfo
GlobalMemoryStatus
GetComputerNameA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
WideCharToMultiByte
GetNumberFormatA
GetCurrencyFormatA
CreateFileW
DeleteFileW
FindFirstFileW
SetFilePointerEx
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
SetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GetShortPathNameA
GetTempFileNameA
GetComputerNameW
GetLocaleInfoW
IsDBCSLeadByte
GetCurrentThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
HeapReAlloc
EncodePointer
DecodePointer
RtlUnwind
GetStdHandle
GetModuleHandleExW
WriteConsoleW
RaiseException
ExitThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
AreFileApisANSI
GetTimeZoneInformation
HeapSize
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen

user32

CharUpperW
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mswstr10

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 29KB - Virtual size: 304KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 175KB - Virtual size: 175KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 29KB - Virtual size: 304KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 175KB - Virtual size: 175KB