08970921851292567df6b311f05e9082fb49a9408a800ed34846cb4798db8ef2

Sharing

Copy URL Twitter E-mail

General

Target

08970921851292567df6b311f05e9082fb49a9408a800ed34846cb4798db8ef2
Size

200KB
MD5

64ca26c4a8dba08f51b4010c1aa8a669
SHA1

51e615c0feb5592007c213fe9be870c83d0b6780
SHA256

08970921851292567df6b311f05e9082fb49a9408a800ed34846cb4798db8ef2
SHA512

b48207c15347fd7b1952180f937972b928be0a000ae7e74f0e9720e2d9893c17098ac957ddae9564e01cad03b269cc9af6f7a3746ddd0de2e069d0143a8afebf
SSDEEP

6144:5Imx6PegDc+K9i3KrfGoPLm+xnhiNv+xS:57x4ycKaoVxn0CS

Score

N/A

Malware Config

Signatures

Files

08970921851292567df6b311f05e9082fb49a9408a800ed34846cb4798db8ef2
.exe windows x86

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

kernel32

GetSystemDefaultLangID
GlobalFree
InterlockedIncrement
FileTimeToLocalFileTime
LocalReAlloc
FormatMessageW
LoadLibraryW
GetComputerNameW
OutputDebugStringA
GetModuleHandleA
GlobalUnlock
GetEnvironmentStringsW
GetACP
GlobalLock
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetDateFormatW
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetTickCount
LocalFree
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
lstrcpyW
GetCurrentProcess
lstrcmpiW
InterlockedDecrement
CreateFileW
SetLastError
WideCharToMultiByte
CloseHandle
GlobalAlloc
IsBadReadPtr
DeleteCriticalSection
RemoveDirectoryA
OutputDebugStringW
GetSystemTimeAsFileTime
GetLastError
GetModuleFileNameW

msvcrt

memmove
wcsrchr
wcsstr
__RTDynamicCast
_wcsupr
malloc
??1type_info@@UAE@XZ
_onexit
wcslen
vswprintf
??2@YAPAXI@Z
free
??3@YAXPAX@Z
__dllonexit
_purecall
mbstowcs
wcscmp
_wcsicmp
?terminate@@YAXXZ
wcscpy
wcstoul
_initterm
wcschr
_adjust_fdiv
_except_handler3
wcscat

certcli

CACloseCertType
CACloseCA
CASetCertTypeExtension
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAGetCertTypeFlags
CACreateCertType
CAUpdateCertType
CAFreeCertTypeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFindByName
CAEnumCertTypes
CAFindCertTypeByName
CASetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAAddCACertificateType
CAGetCertTypeKeySpec
CAUpdateCA
CAGetCAProperty
CAGetCertTypeProperty
CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeExtensions

user32

LoadStringW
SendDlgItemMessageW
LoadIconW
LoadImageW
InsertMenuItemW
SystemParametersInfoW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SetWindowTextW
EnableWindow
wsprintfW
PostMessageW
SetCursor
EndDialog
GetDlgItemTextA
GetParent
GetWindowLongW
LoadCursorW
WinHelpW
MessageBoxW
RegisterClipboardFormatW
LoadBitmapW
GetDC
SetWindowLongW
ReleaseDC
SendMessageW
SetFocus

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

certcli

user32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 52KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 6.2MB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 52KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 6.2MB

.rsrc
Size: 2KB - Virtual size: 1KB