5e44fe63c67848904b9c5548e1eef8fdb85a4055b677a3deff95d37f51ecba73

Sharing

Copy URL Twitter E-mail

General

Target

5e44fe63c67848904b9c5548e1eef8fdb85a4055b677a3deff95d37f51ecba73
Size

198KB
MD5

764a7dc492a7b95c6e0f31dab84c80e8
SHA1

e036e97e9f38768a20204e3e92a7aae2ba205311
SHA256

5e44fe63c67848904b9c5548e1eef8fdb85a4055b677a3deff95d37f51ecba73
SHA512

8955f2cf37adea50ba2439b7f9e42f6648ebf50a4d5685245a1c1207a862c4e42fa7e250803162f1148ab90a309d99d42d7a214c770dc8927ee26269313e5154
SSDEEP

6144:pTZwhxeIFb+bVyJm85/tDBNMG0TR+TNnx:F4/tNNj0d+T/

Score

N/A

Malware Config

Signatures

Files

5e44fe63c67848904b9c5548e1eef8fdb85a4055b677a3deff95d37f51ecba73
.exe windows x86

d66b14e0fbfc9f66e9e9cbc6d9e94646

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeProperty
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CAEnumNextCertType
CAUpdateCA
CAAddCACertificateType
CACloseCA
CAEnumCertTypes
CAGetCertTypeExtensions
CASetCertTypeExtension
CACertTypeGetSecurity
CARemoveCACertificateType
CAEnumCertTypesForCA
CACreateCertType
CAUpdateCertType
CAFreeCAProperty
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CAFindCertTypeByName
CAGetCertTypeFlags
CAGetCertTypeProperty
CAGetCAProperty
CASetCertTypeFlags
CACloseCertType
CAFreeCertTypeExtensions

user32

LoadBitmapW
InsertMenuItemW
SetWindowTextW
SendMessageW
MessageBoxW
DialogBoxParamW
wsprintfW
SendDlgItemMessageW
SetFocus
RegisterClipboardFormatW
GetDlgItem
SetCursor
LoadImageW
GetWindowLongW
EnableWindow
LoadCursorW
ReleaseDC
SystemParametersInfoW
LoadStringW
SetDlgItemTextW
GetParent
SetWindowLongW
EndDialog
GetDC
PostMessageW
WinHelpW
GetDlgItemTextA
LoadIconW

advapi32

RegCloseKey
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW

msvcrt

wcschr
_wcsicmp
_adjust_fdiv
??2@YAPAXI@Z
__dllonexit
__RTDynamicCast
?terminate@@YAXXZ
_onexit
wcscat
malloc
memmove
mbstowcs
wcscpy
wcsstr
??1type_info@@UAE@XZ
wcslen
wcscmp
_purecall
wcstoul
_initterm
_wcsupr
??3@YAXPAX@Z
wcsrchr
_except_handler3
free
vswprintf

crypt32

CryptEncodeObject
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertEnumSystemStore
CryptQueryObject
CertCloseStore
CertDeleteCertificateFromStore
CertFreeCertificateContext
CertFreeCRLContext
CertOpenStore
CertGetNameStringW
CryptEnumOIDInfo
CertControlStore
CryptFindOIDInfo
CertAddCertificateContextToStore
CertDuplicateCertificateContext
CryptDecodeObject
CertFindCRLInStore
CertGetEnhancedKeyUsage
CertSaveStore
CertDuplicateStore

shell32

ShellExecuteW
ShellExecuteExW

kernel32

GlobalFree
GlobalAlloc
GetLastError
SetUnhandledExceptionFilter
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDateFormatW
InterlockedIncrement
InterlockedDecrement
DeleteFileA
GetModuleHandleA
GetSystemWindowsDirectoryW
InitializeCriticalSection
lstrlenW
GetCurrentProcess
GetStartupInfoA
OutputDebugStringW
CreateFileW
CloseHandle
GetSystemTimeAsFileTime
GetModuleFileNameW
GetCPInfo
SetLastError
lstrcpyW
DeleteCriticalSection
GetComputerNameW
LoadLibraryW
IsBadReadPtr
LocalFree
OutputDebugStringA
GlobalLock
GetLocaleInfoW
GetSystemDefaultLCID
LocalAlloc
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
LocalReAlloc
GetProcAddress
QueryPerformanceCounter
GetEnvironmentStringsA
GlobalUnlock
lstrcmpiW
IsValidCodePage
WriteFile

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

cryptui

CryptUIWizExport
CryptUIDlgViewCRLW
CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW

ole32

CoCreateInstanceEx
CoTaskMemAlloc
GetHGlobalFromStream
CoSetProxyBlanket
StringFromGUID2
StringFromCLSID
CoTaskMemFree
ReleaseStgMedium
CreateStreamOnHGlobal

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 86KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d66b14e0fbfc9f66e9e9cbc6d9e94646

Headers

File Characteristics

Imports

certcli

user32

advapi32

msvcrt

crypt32

shell32

kernel32

gdi32

cryptui

ole32

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 38KB - Virtual size: 38KB

.mdata Size: 86KB - Virtual size: 2.2MB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 38KB - Virtual size: 38KB

.mdata
Size: 86KB - Virtual size: 2.2MB

.rsrc
Size: 3KB - Virtual size: 3KB