4eddd3c8e62015fc53a61052b3f9ef29a35776b5ab3baafe3ab0ff1bbc0ac540

Sharing

Copy URL Twitter E-mail

General

Target

4eddd3c8e62015fc53a61052b3f9ef29a35776b5ab3baafe3ab0ff1bbc0ac540
Size

198KB
MD5

48b7a656c04d537618d086fe6728a1bb
SHA1

5f0832b284df106741242d4b06cc2492ae5e8a69
SHA256

4eddd3c8e62015fc53a61052b3f9ef29a35776b5ab3baafe3ab0ff1bbc0ac540
SHA512

e36ba65b2d2350e3a046631cd3f5fd0d82ab223cd0e830647e459f3a38dc77e2ab084d2af04b6dcde74bb0322fa0a09f609b801dcecf3ebf31f862d634de0f06
SSDEEP

6144:RkyZMgk3x3o6V5Qgv03ah2g/843qkTL4IA5sY32umMqS:qyKv3VQT3093jTsIluNx

Score

N/A

Malware Config

Signatures

Files

4eddd3c8e62015fc53a61052b3f9ef29a35776b5ab3baafe3ab0ff1bbc0ac540
.exe windows x86

79ee41a87769e617b259f99b4f7b0e36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GlobalFree
InterlockedIncrement
GetCPInfo
GetDateFormatW
GetTickCount
OutputDebugStringA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WideCharToMultiByte
GlobalLock
lstrcmpiW
GetEnvironmentStringsW
QueryPerformanceCounter
SetLastError
FormatMessageW
IsBadReadPtr
GetProcAddress
GlobalUnlock
GetStartupInfoA
GetCurrentThread
GetComputerNameW
FileTimeToSystemTime
GetSystemWindowsDirectoryW
GetModuleHandleA
LocalFree
GlobalAlloc
FileTimeToLocalFileTime
lstrcpyW
GetLastError
GetCurrentProcess
LocalReAlloc
InterlockedDecrement
LoadLibraryW
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
OutputDebugStringW
GetModuleFileNameW
GetSystemDefaultLangID
CreateFileW

msvcrt

wcsstr
memmove
__dllonexit
__RTDynamicCast
wcscmp
_onexit
free
mbstowcs
_initterm
_wcsupr
wcsrchr
?terminate@@YAXXZ
_adjust_fdiv
??3@YAXPAX@Z
wcscat
_except_handler3
wcschr
wcstoul
??2@YAPAXI@Z
wcslen
??1type_info@@UAE@XZ
vswprintf
_wcsicmp
malloc
wcscpy

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW

certcli

CARemoveCACertificateType
CAEnumNextCertType
CACloseCA
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CAFreeCAProperty
CAFindByName
CAUpdateCertType
CASetCertTypeKeySpec
CASetCertTypeExtension
CAGetCertTypeProperty
CACertTypeSetSecurity
CASetCertTypeProperty
CAGetCAProperty
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CASetCertTypeFlags
CAEnumCertTypes
CAAddCACertificateType
CAFreeCertTypeExtensions
CACertTypeGetSecurity
CAUpdateCA
CACreateCertType
CAFindCertTypeByName
CAEnumCertTypesForCA
CACloseCertType

user32

PostMessageW
GetWindowLongW
SetWindowLongW
SetCursor
SetDlgItemTextW
wsprintfW
SetWindowTextW
LoadCursorW
GetParent
LoadBitmapW
EndDialog
InsertMenuItemW
GetDlgItemTextA
SystemParametersInfoW
EnableWindow
LoadStringW
MessageBoxW
GetDlgItem
SetFocus
RegisterClipboardFormatW
SendMessageW
LoadIconW
LoadImageW
SendDlgItemMessageW
DialogBoxParamW
GetDC
WinHelpW
ReleaseDC

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79ee41a87769e617b259f99b4f7b0e36

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

certcli

user32

comctl32

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 70KB - Virtual size: 70KB

.data Size: 46KB - Virtual size: 6.2MB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 70KB - Virtual size: 70KB

.data
Size: 46KB - Virtual size: 6.2MB

.rsrc
Size: 1KB - Virtual size: 1KB