fc45cb15b9b99a536416062e19a241604bb47113b392b82335494204f69e6b7e

Sharing

Copy URL

Twitter E-mail

General

Target

fc45cb15b9b99a536416062e19a241604bb47113b392b82335494204f69e6b7e
Size

632KB
MD5

6e19ed93b77d42d41b79c3c176a85ee0
SHA1

3118e8b2b411e63883dbc1ebd5b86a8e9982d888
SHA256

fc45cb15b9b99a536416062e19a241604bb47113b392b82335494204f69e6b7e
SHA512

9c3c5174073a96a8a42abff0c9f8eb69887d87a0d354a8791daff792a58c69fd5a22a10c5e8cc90c6f40f232184764c8e87159c4d08e01a42f72fd6bad5ec6a7
SSDEEP

12288:a61vvgdFneOSg7vAmbFsBPuDraeXPOZgKbJHK/re7oPMF:a2nuICXKB2DraeXPOZar2JF

Score

N/A

Malware Config

Signatures

Files

fc45cb15b9b99a536416062e19a241604bb47113b392b82335494204f69e6b7e
.exe windows x86

0d1153f78c761173231a548430873dfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

vwprintf
_wcsicmp
_controlfp
_except_handler3
__set_app_type
malloc
wcscat
_adjust_fdiv
__setusermatherr
_initterm
exit
_XcptFilter
_exit
_wasctime
wcscpy
swprintf
wprintf
towupper
printf
realloc
scanf
wcslen
strtok
free
_wtol
__wgetmainargs
__p__fmode
__p__commode
__p___winitenv

advapi32

CryptReleaseContext
CryptAcquireContextA

kernel32

GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
MultiByteToWideChar
GetLastError
SetLastError
CompareFileTime
FileTimeToSystemTime
WriteFile
GetFileSize
CreateFileMappingA
MapViewOfFile
CloseHandle
GetVersionExA
WideCharToMultiByte
LocalAlloc
GetModuleHandleA
UnmapViewOfFile
LocalFree

crypt32

CryptFreeOIDFunctionAddress
CertSaveStore
CertAddCertificateContextToStore
CryptGetOIDFunctionAddress
CreateFileU
CryptFindOIDInfo
CryptDecodeObject
CertRDNValueToStrA
CertRDNValueToStrW
CertCloseStore
CryptMsgClose
CryptRegisterOIDInfo
CryptInstallOIDFunctionAddress
CryptInitOIDFunctionSet
CertAddEncodedCertificateToStore
CertAddEncodedCRLToStore
CertAddEncodedCTLToStore
CertOpenStore
CertFreeCTLContext
CertAddCTLContextToStore
CertFindCTLInStore
CertFreeCRLContext
CertAddCRLContextToStore
CertFreeCertificateContext
CryptSIPRetrieveSubjectGuid
CertFindCertificateInStore
CertEnumCTLsInStore
CertGetCRLFromStore
CertEnumCertificatesInStore
CertEnumCertificateContextProperties
CertDuplicateCertificateContext
CertDuplicateCTLContext
CertDeleteCTLFromStore
CertDuplicateCRLContext
CertDeleteCRLFromStore
CertDeleteCertificateFromStore
CertSetCertificateContextProperty
CryptEncodeObject
CertGetCRLContextProperty
CertGetPublicKeyLength
CryptHashPublicKeyInfo
CertGetCertificateContextProperty
CertGetCTLContextProperty
CryptMsgGetAndVerifySigner
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CryptSIPLoad

cryptui

CryptUIDlgCertMgr

user32

LoadStringA
LoadStringW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 596KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d1153f78c761173231a548430873dfc

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

crypt32

cryptui

user32

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 596KB - Virtual size: 1.8MB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 596KB - Virtual size: 1.8MB