71df0f59d2634568b6753b0a69d9c3fa70b085e59f11c5c7dda04a8b4b37c4f7

General

Target

71df0f59d2634568b6753b0a69d9c3fa70b085e59f11c5c7dda04a8b4b37c4f7
Size

326KB
MD5

5601c69020b1f8f0ca8db5d7c7cddd9d
SHA1

023d3111ba8f9fdcfd2de600ffa401a7c042bd2f
SHA256

71df0f59d2634568b6753b0a69d9c3fa70b085e59f11c5c7dda04a8b4b37c4f7
SHA512

ec6a123d0faccc1819fb91456b730ae2cf9a0755ce1b9df4732537b588af985fd6d4e40fa01a3a3904fa86a5b93cbdea56c8dbccf5ed300c26c4fb8ec2ea80eb
SSDEEP

6144:x9Y1hfuOJr4ZVkdL4LA2ZhYDPNWWkGy0keNbAgvp:/YnuZi540IhDaNVvp

Score

N/A

Malware Config

Signatures

Files

71df0f59d2634568b6753b0a69d9c3fa70b085e59f11c5c7dda04a8b4b37c4f7
.exe windows x86

f7a9b33b8a99a98d91563c62d9c69262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertControlStore
CertAddStoreToCollection
CertFindCRLInStore
CertSaveStore
CertFindChainInStore
CryptFindOIDInfo
CertFindAttribute
CertGetNameStringA
CertFreeCRLContext
CertNameToStrA
CertDeleteCRLFromStore

kernel32

LoadLibraryA
GetCommandLineA
FindResourceExA
FormatMessageA
GetEnvironmentVariableA
DeleteFileA
SetPriorityClass
OpenFileMappingA
lstrcmp
CreateJobObjectA
GetModuleHandleA
GetFileAttributesA
GetTempFileNameA
WaitForSingleObject
WriteConsoleA
CreateSemaphoreW
FileTimeToSystemTime
lstrcmpiA
DecodePointer
CreateProcessA
CreateDirectoryA
GetProcAddress

shlwapi

UrlCreateFromPathW
UrlUnescapeA
UrlIsNoHistoryW
UrlCanonicalizeW
UrlGetPartA
UrlEscapeA
UrlCombineW
UrlHashW
PathIsRootW
UrlIsA
UrlGetLocationW
UrlCompareW

cmpbk32

PhoneBookLoad
PhoneBookCopyFilter
PhoneBookFreeFilter
PhoneBookEnumCountries

untfs

FormatEx
Format
Chkdsk
Recover
Extend

clusapi

CloseClusterGroup
ClusterControl
CloseClusterNode
CloseCluster

dsprop

ErrMsgParam
CrackName
CheckADsError
FindSheet

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lock
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7a9b33b8a99a98d91563c62d9c69262

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

shlwapi

cmpbk32

untfs

clusapi

dsprop

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 29KB - Virtual size: 28KB

.lock Size: 250KB - Virtual size: 250KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 29KB - Virtual size: 28KB

.lock
Size: 250KB - Virtual size: 250KB

.rsrc
Size: 3KB - Virtual size: 3KB