f3b21b41ee5795198da99cf61d16cbe8e09370bdc9bd4421e52cb30143ec077e

Sharing

Copy URL Twitter E-mail

General

Target

f3b21b41ee5795198da99cf61d16cbe8e09370bdc9bd4421e52cb30143ec077e
Size

195KB
MD5

4afb15dcd731b19e5b5a09cf4e5c2b60
SHA1

8e43c0cee1dce78ec66f46eef12d67d8126b69ac
SHA256

f3b21b41ee5795198da99cf61d16cbe8e09370bdc9bd4421e52cb30143ec077e
SHA512

c91b4a8444f8af7c0fdb89de29a449d02629b842056c10d7078eb97daba337b9f99cd5aa7809e1c3a80d61e75b76f3ab1aad9d8e250ad0a08dbce32ebe09e006
SSDEEP

3072:V+GE0JFT6DZy9U7M13xX6SIUGVVU6VM8Zw+yj10yzXPsfAZwIC+idOrL2QpE/:V+GRFWDWUI13x3IUkNu8uZEfqk

Score

N/A

Malware Config

Signatures

Files

f3b21b41ee5795198da99cf61d16cbe8e09370bdc9bd4421e52cb30143ec077e
.exe windows x86

0218e30021a531537149c3a6a9ae037c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
FileTimeToSystemTime
GetDateFormatW
QueryPerformanceCounter
GetLastError
OutputDebugStringW
GetModuleFileNameW
GlobalUnlock
InitializeCriticalSection
LocalFree
GetCPInfo
FileTimeToLocalFileTime
LoadLibraryW
lstrcpyW
IsBadReadPtr
GetTickCount
CloseHandle
GetCurrentThread
CreateFileW
GlobalFree
GlobalAlloc
GetStartupInfoA
GetModuleHandleA
lstrlenW
InterlockedIncrement
WideCharToMultiByte
SetUnhandledExceptionFilter
LocalReAlloc
GetSystemDefaultLangID
InterlockedDecrement
GetProcAddress
DeleteCriticalSection
SetLastError
lstrcmpiW
FormatMessageW
GetEnvironmentStringsW
GetComputerNameW
OutputDebugStringA
GetSystemWindowsDirectoryW
GlobalLock
GetSystemTimeAsFileTime

msvcrt

_except_handler3
wcsstr
__RTDynamicCast
??1type_info@@UAE@XZ
__dllonexit
free
_wcsupr
memmove
??2@YAPAXI@Z
wcschr
wcsrchr
?terminate@@YAXXZ
wcslen
wcscpy
vswprintf
??3@YAXPAX@Z
_onexit
wcstoul
_initterm
malloc
_adjust_fdiv
wcscat
_wcsicmp
wcscmp
mbstowcs

user32

DialogBoxParamW
LoadIconW
ReleaseDC
GetWindowLongW
LoadStringW
wsprintfW
EndDialog
SystemParametersInfoW
SendDlgItemMessageW
EnableWindow
SetWindowTextW
SendMessageW
GetDC
GetDlgItem
LoadImageW
SetDlgItemTextW
SetFocus
PostMessageW
SetCursor
InsertMenuItemW
RegisterClipboardFormatW
LoadBitmapW
LoadCursorW
SetWindowLongW
MessageBoxW
GetParent
GetDlgItemTextA
WinHelpW

certcli

CAGetCertTypeFlags
CAGetCertTypePropertyEx
CAFindByName
CAFreeCAProperty
CAGetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeProperty
CAUpdateCA
CAGetCertTypeExtensions
CACertTypeSetSecurity
CASetCertTypeFlags
CAGetCertTypeKeySpec
CACloseCertType
CAGetCAProperty
CASetCertTypeKeySpec
CACloseCA
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAAddCACertificateType
CAUpdateCertType
CASetCertTypeExtension
CAEnumNextCertType
CACreateCertType
CAFreeCertTypeProperty
CARemoveCACertificateType
CAFindCertTypeByName
CAEnumCertTypes

advapi32

RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0218e30021a531537149c3a6a9ae037c

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 70KB - Virtual size: 69KB

.data Size: 46KB - Virtual size: 6.2MB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 70KB - Virtual size: 69KB

.data
Size: 46KB - Virtual size: 6.2MB

.rsrc
Size: 1KB - Virtual size: 1KB