31f4230adbbce38a80578c79102b0a1c0df240920d84f3335a4aab3fb6c6dc96[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

31f4230adbbce38a80578c79102b0a1c0df240920d84f3335a4aab3fb6c6dc96.exe
Size

94KB
MD5

dc6a56c47497bf22da1da256075b2b96
SHA1

9a4bbe3919610a967d4d58753c3c8750f849e20f
SHA256

31f4230adbbce38a80578c79102b0a1c0df240920d84f3335a4aab3fb6c6dc96
SHA512

f2019729557b4cd03e6653a72f8e9bf4e53fafa662224af84478d3e8d7268cddd3b476c4ce61221b23d249b451b874f52225a0a289835b5307e0751a161acd39
SSDEEP

1536:HaT5HC7L9vnEexvevA17dfTWmU6WmQt8upcr/dF:HaT5aLaexbditRtsrFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f4230adbbce38a80578c79102b0a1c0df240920d84f3335a4aab3fb6c6dc96.exe

Files

31f4230adbbce38a80578c79102b0a1c0df240920d84f3335a4aab3fb6c6dc96.exe
.exe windows:5 windows x86 arch:x86

68992ada860c914ff00b212a72c4c509

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrlenA
lstrcpyA
CreateFileA
lstrcmpA
lstrcatA
_lread
_lopen
_llseek
_lclose
_hread
WritePrivateProfileStringA
WinExec
UnhandledExceptionFilter
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
QueryPerformanceCounter
OpenFile
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryA
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetProcAddress
FindResourceA
GetPrivateProfileIntA
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
FreeResource
VirtualAlloc

user32

RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow
WinHelpA
wsprintfA
LoadCursorW
PostMessageA
PeekMessageA
MoveWindow
MessageBoxA
MessageBeep
MapVirtualKeyA
LoadStringA
LoadIconA
LoadCursorA
RedrawWindow
IsIconic
InvalidateRect
GetWindowTextA
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetParent
GetMessageA
GetMenu
GetKeyNameTextA
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
FindWindowA
FillRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextA
DrawMenuBar
DispatchMessageA
DialogBoxParamA
DialogBoxIndirectParamA
DestroyWindow
DeleteMenu
DefWindowProcA
CreateWindowExA
CheckMenuItem
ChangeDisplaySettingsA
LoadBitmapA
PostQuitMessage
BeginPaint
IsWindowVisible

gdi32

SetLayout
SetPaletteEntries
SetBkMode
SetTextColor
StretchDIBits
SelectPalette
SelectObject
ResizePalette
RealizePalette
GetSystemPaletteEntries
GetStockObject
GetPaletteEntries
GetObjectA
GetLayout
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreatePalette
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
SetSystemPaletteUse
BitBlt

advapi32

OpenProcessToken
RegOpenKeyExA
RegSaveKeyW
RegRestoreKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
CreateProcessAsUserW
AllocateAndInitializeSid

shell32

ShellAboutA

comctl32

InitCommonControlsEx

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
exit
free
malloc
towlower
wcschr
wcslen
wcstoul

Sections

.text3
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68992ada860c914ff00b212a72c4c509

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcrt

Sections

.text3 Size: 512B - Virtual size: 300B

.text2 Size: 1024B - Virtual size: 1000B

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 512B - Virtual size: 200B

.rsrc Size: 14KB - Virtual size: 14KB

.text3
Size: 512B - Virtual size: 300B

.text2
Size: 1024B - Virtual size: 1000B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 512B - Virtual size: 200B

.rsrc
Size: 14KB - Virtual size: 14KB