87d2ad675a655a9bcbfa83c808c5ca8068e4b2b5d8a1ccd349b0e82c2d5f5b84

Sharing

Copy URL Twitter E-mail

General

Target

87d2ad675a655a9bcbfa83c808c5ca8068e4b2b5d8a1ccd349b0e82c2d5f5b84
Size

197KB
MD5

516ebbb3a69c61c4bdfb459dea9876c8
SHA1

9d1cf15698946d5c6eb382f88ef1e5c163c7f1f0
SHA256

87d2ad675a655a9bcbfa83c808c5ca8068e4b2b5d8a1ccd349b0e82c2d5f5b84
SHA512

0ec864bf1c42dfca9ba4e338760f7207675fe7a0aa11fcf966416ccb16f54b53ae5a775b5cddabb3e32684b0d5ba3056e5d79e260d94e824d61bdb08ab810bb6
SSDEEP

3072:dX5amxszblGTzMrsnw4FcP+F+ltobWHXBhf5qqK6GS10RxOOIWM3CltQ/Zao4H:dX5H6zblGEgnrF+DoQXBPqqFykG9AaoS

Score

N/A

Malware Config

Signatures

Files

87d2ad675a655a9bcbfa83c808c5ca8068e4b2b5d8a1ccd349b0e82c2d5f5b84
.exe windows x86

11102c8fc0455772886385cfcb71da81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW

user32

SendDlgItemMessageW
SetDlgItemTextW
GetDC
SystemParametersInfoW
GetParent
LoadBitmapW
wsprintfW
EndDialog
LoadCursorW
SetFocus
EnableWindow
WinHelpW
ReleaseDC
GetDlgItem
PostMessageW
DialogBoxParamW
LoadStringW
RegisterClipboardFormatW
LoadIconW
SetWindowLongW
LoadImageW
GetWindowLongW
SetCursor
GetDlgItemTextA
InsertMenuItemW
SendMessageW
MessageBoxW
SetWindowTextW

kernel32

GetComputerNameW
LocalFree
CloseHandle
GetStartupInfoA
lstrlenW
GetLastError
CreateFileW
OutputDebugStringW
IsBadReadPtr
LocalReAlloc
GetCurrentProcess
FormatMessageW
lstrcmpiW
SetLastError
InterlockedIncrement
GetDateFormatW
GlobalLock
FileTimeToLocalFileTime
lstrcpyW
GetModuleHandleA
DeleteCriticalSection
GetSystemTimeAsFileTime
RemoveDirectoryW
FileTimeToSystemTime
GetACP
GetEnvironmentStringsW
OutputDebugStringA
GetSystemWindowsDirectoryW
GlobalAlloc
WideCharToMultiByte
GetTickCount
GetModuleFileNameW
InitializeCriticalSection
QueryPerformanceCounter
LoadLibraryW
GlobalUnlock
GetSystemDefaultLangID
GlobalFree
SetUnhandledExceptionFilter
InterlockedDecrement

certcli

CASetCertTypeProperty
CACertTypeGetSecurity
CAFindCertTypeByName
CACloseCA
CAGetCAProperty
CAGetCertTypePropertyEx
CAEnumCertTypes
CAFreeCertTypeProperty
CAFindByName
CASetCertTypeExtension
CAEnumCertTypesForCA
CAUpdateCA
CAAddCACertificateType
CAUpdateCertType
CARemoveCACertificateType
CAGetCertTypeExtensions
CACertTypeSetSecurity
CASetCertTypeFlags
CASetCertTypeKeySpec
CACloseCertType
CAEnumNextCertType
CAGetCertTypeFlags
CACreateCertType
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CAFreeCAProperty

msvcrt

??2@YAPAXI@Z
free
wcsrchr
wcsstr
_initterm
wcscmp
wcslen
_except_handler3
wcschr
_onexit
wcscpy
??1type_info@@UAE@XZ
mbstowcs
?terminate@@YAXXZ
wcscat
malloc
_wcsicmp
_purecall
vswprintf
??3@YAXPAX@Z
wcstoul
__RTDynamicCast
memmove
__dllonexit
_wcsupr
_adjust_fdiv

comctl32

CreatePropertySheetPageW
PropertySheetW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11102c8fc0455772886385cfcb71da81

Headers

File Characteristics

Imports

advapi32

user32

kernel32

certcli

msvcrt

comctl32

gdi32

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 14KB - Virtual size: 14KB

.data Size: 107KB - Virtual size: 6.2MB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 14KB - Virtual size: 14KB

.data
Size: 107KB - Virtual size: 6.2MB

.rsrc
Size: 1KB - Virtual size: 1KB