199e5b093523dcd01732f2275fb62a4c1654ae4116bcf18f2809732826435dfa

Sharing

Copy URL Twitter E-mail

General

Target

199e5b093523dcd01732f2275fb62a4c1654ae4116bcf18f2809732826435dfa
Size

195KB
MD5

375bb7c6980ed92609f864e5b2f07536
SHA1

67ac4686726d4c1dbc9e9b6d9fb6ceaaac111279
SHA256

199e5b093523dcd01732f2275fb62a4c1654ae4116bcf18f2809732826435dfa
SHA512

bd2ce60ac4d37149a8714c06c4f27e92e9a5abe0090dfe845ae1bc7a5ff42d636336b319a6a9b5f585411487a02fdfb3f8c4547f0cf1ff2ee702bca559a26fb2
SSDEEP

3072:V+GE0JFT6DZy9U7M13xX6SIUGVVU6VM8Zw+yj10yzXPsfAZwIC+idOrL2QpEY:V+GRFWDWUI13x3IUkNu8uZEfqP

Score

N/A

Malware Config

Signatures

Files

199e5b093523dcd01732f2275fb62a4c1654ae4116bcf18f2809732826435dfa
.exe windows x86

0218e30021a531537149c3a6a9ae037c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
FileTimeToSystemTime
GetDateFormatW
QueryPerformanceCounter
GetLastError
OutputDebugStringW
GetModuleFileNameW
GlobalUnlock
InitializeCriticalSection
LocalFree
GetCPInfo
FileTimeToLocalFileTime
LoadLibraryW
lstrcpyW
IsBadReadPtr
GetTickCount
CloseHandle
GetCurrentThread
CreateFileW
GlobalFree
GlobalAlloc
GetStartupInfoA
GetModuleHandleA
lstrlenW
InterlockedIncrement
WideCharToMultiByte
SetUnhandledExceptionFilter
LocalReAlloc
GetSystemDefaultLangID
InterlockedDecrement
GetProcAddress
DeleteCriticalSection
SetLastError
lstrcmpiW
FormatMessageW
GetEnvironmentStringsW
GetComputerNameW
OutputDebugStringA
GetSystemWindowsDirectoryW
GlobalLock
GetSystemTimeAsFileTime

msvcrt

_except_handler3
wcsstr
__RTDynamicCast
??1type_info@@UAE@XZ
__dllonexit
free
_wcsupr
memmove
??2@YAPAXI@Z
wcschr
wcsrchr
?terminate@@YAXXZ
wcslen
wcscpy
vswprintf
??3@YAXPAX@Z
_onexit
wcstoul
_initterm
malloc
_adjust_fdiv
wcscat
_wcsicmp
wcscmp
mbstowcs

user32

DialogBoxParamW
LoadIconW
ReleaseDC
GetWindowLongW
LoadStringW
wsprintfW
EndDialog
SystemParametersInfoW
SendDlgItemMessageW
EnableWindow
SetWindowTextW
SendMessageW
GetDC
GetDlgItem
LoadImageW
SetDlgItemTextW
SetFocus
PostMessageW
SetCursor
InsertMenuItemW
RegisterClipboardFormatW
LoadBitmapW
LoadCursorW
SetWindowLongW
MessageBoxW
GetParent
GetDlgItemTextA
WinHelpW

certcli

CAGetCertTypeFlags
CAGetCertTypePropertyEx
CAFindByName
CAFreeCAProperty
CAGetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeProperty
CAUpdateCA
CAGetCertTypeExtensions
CACertTypeSetSecurity
CASetCertTypeFlags
CAGetCertTypeKeySpec
CACloseCertType
CAGetCAProperty
CASetCertTypeKeySpec
CACloseCA
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAAddCACertificateType
CAUpdateCertType
CASetCertTypeExtension
CAEnumNextCertType
CACreateCertType
CAFreeCertTypeProperty
CARemoveCACertificateType
CAFindCertTypeByName
CAEnumCertTypes

advapi32

RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0218e30021a531537149c3a6a9ae037c

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 70KB - Virtual size: 69KB

.data Size: 46KB - Virtual size: 6.2MB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 70KB - Virtual size: 69KB

.data
Size: 46KB - Virtual size: 6.2MB

.rsrc
Size: 1KB - Virtual size: 1KB