53b14e355e7aac45510dba0d19ec9c949b3ed3a3f1e7d43b3a037e819d674b63

Sharing

Copy URL

Twitter E-mail

General

Target

53b14e355e7aac45510dba0d19ec9c949b3ed3a3f1e7d43b3a037e819d674b63
Size

235KB
MD5

574794b71256bac6707ff5a920926d70
SHA1

9e584effcd7e7b0d25fb00c388cf5a5e14c47455
SHA256

53b14e355e7aac45510dba0d19ec9c949b3ed3a3f1e7d43b3a037e819d674b63
SHA512

6b818bcc0888b89b52e4c958ff4ef96617d3c13b31d113db92563f9599ff626379418efd4e228118e466a97121083881c698c8cfdefd66e85d5e88b60270ca59
SSDEEP

6144:i1OZhLZ025oZNU52zl0q9P2nuIcuG4NBS7rMIhRvyy:xB0w4UAz4M94Nurpray

Score

N/A

Malware Config

Signatures

Files

53b14e355e7aac45510dba0d19ec9c949b3ed3a3f1e7d43b3a037e819d674b63
.exe windows x86

2c5cadeb696a7b83b0138564f4bbc165

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

FindFileInPath
SymMatchString
UpdateDebugInfoFileEx
SymFromName
FindExecutableImage
ReBaseImage64
ImageAddCertificate
UpdateDebugInfoFile
SymEnumTypes
SymRegisterFunctionEntryCallback64
SymEnumerateSymbolsW
SymFunctionTableAccess
ImageGetCertificateData
ImageRemoveCertificate
SymRegisterFunctionEntryCallback
ImageGetDigestStream
SymGetSymFromAddr
FindDebugInfoFileEx
SymGetSymPrev64
SymGetLineFromAddr64
SymGetLineNext
SymGetSymFromName
SymUnDName64
SymEnumerateSymbolsW64
SymGetModuleBase
ImageNtHeader

dbghelp

SymGetTypeFromName
SearchTreeForFile
SymLoadModule
ImageRvaToSection
SymRegisterFunctionEntryCallback
SymGetTypeInfo
StackWalk
SymMatchString
dh
SymMatchFileName
SymSetContext
SymEnumSymbols
SymRegisterCallback64
SymSetSearchPath
SymLoadModule64
omap
SymGetModuleBase64
SymEnumerateSymbols64
SymFindFileInPath
SymGetLineFromAddr
ImageRvaToVa
SymSetOptions
SymLoadModuleEx
SymEnumerateSymbolsW
srcfiles

crypt32

CryptUnregisterOIDFunction
CertVerifyTimeValidity
CertSetStoreProperty
I_CryptFlushLruCache
CertEnumPhysicalStore
I_CryptGetDefaultCryptProvForEncrypt
CryptBinaryToStringA
CertVerifyCTLUsage
RegOpenKeyExU
CertDuplicateCRLContext
CertGetEnhancedKeyUsage
CryptImportPKCS8
CryptEnumOIDInfo
I_CryptCreateLruEntry
CryptSignAndEncodeCertificate
CertRemoveStoreFromCollection
CryptSIPRetrieveSubjectGuidForCatalogFile
CertCompareCertificate
CertRegisterSystemStore
PFXExportCertStoreEx
CryptSetProviderU
CryptRegisterDefaultOIDFunction
CertDeleteCTLFromStore
I_CryptGetLruEntryData
CertAddCRLContextToStore
CryptImportPublicKeyInfoEx
I_CryptEnableLruOfEntries
CertDuplicateStore
CryptGetKeyIdentifierProperty
I_CryptGetAsn1Encoder
CryptDecryptMessage
CryptHashToBeSigned
CertEnumCertificateContextProperties
CertEnumSystemStoreLocation
CertGetCTLContextProperty
RegCreateHKCUKeyExU
CryptEncryptMessage
I_CryptInsertLruEntry
CryptEncodeObject
CryptEnumProvidersU
CertSaveStore
I_CryptReleaseLruEntry
CertFindCertificateInStore
I_CryptGetLruEntryIdentifier
CertAddSerializedElementToStore
CertEnumCTLsInStore
CryptProtectData
CertRemoveEnhancedKeyUsageIdentifier
CertAddCTLContextToStore
I_CryptUnregisterSmartCardStore
CertEnumCTLContextProperties
CertFindChainInStore
RegSetValueExU
CertVerifyCRLTimeValidity
CertFreeCertificateContext
CertStrToNameW
CryptBinaryToStringW
CertEnumCertificatesInStore
I_CertSrvProtectFunction

hid

HidP_GetData
HidP_SetScaledUsageValue
HidD_GetIndexedString
HidP_GetCaps
HidD_GetProductString
HidP_GetUsages
HidD_GetPhysicalDescriptor
HidP_GetSpecificButtonCaps
HidD_GetHidGuid
HidP_GetButtonCaps
HidP_GetValueCaps
HidD_SetNumInputBuffers
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetInputReport
HidP_GetScaledUsageValue
HidP_SetUsages
HidD_SetFeature
HidP_MaxUsageListLength
HidD_GetNumInputBuffers

crtdll

atoi
_ismbcsymbol
feof
_msize
_fputchar
_mbbtype
fclose
_CIcosh
toupper
_ismbclegal
_ismbstrail
_ltoa
_memccpy
__argc_dll
_mbsnicmp
_swab
_tempnam
iswalpha
_yn
_strspnp
fgetc
_j1
_setmode
wcscoll
iswascii
wcstol
wcsncmp

kernel32

GetLocaleInfoA
CreateEventW
LoadLibraryW
SetConsoleScreenBufferSize
CompareFileTime
GetConsoleCommandHistoryLengthA
GetFirmwareEnvironmentVariableW
FormatMessageA
CopyLZFile
PeekConsoleInputA
GetLargestConsoleWindowSize
GetEnvironmentStringsA
HeapLock
VerLanguageNameA
GetProcessId
PeekConsoleInputW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c5cadeb696a7b83b0138564f4bbc165

Headers

File Characteristics

Imports

imagehlp

dbghelp

crypt32

hid

crtdll

kernel32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 74KB - Virtual size: 74KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 74KB - Virtual size: 74KB

.rsrc
Size: 5KB - Virtual size: 5KB