c1b9a012e5f50cab9c4e605f920c6cda1d3f5fbf855f63c89bc1f873968a8eee

Sharing

Copy URL Twitter E-mail

General

Target

c1b9a012e5f50cab9c4e605f920c6cda1d3f5fbf855f63c89bc1f873968a8eee
Size

200KB
MD5

828094fc440119fcb0b1f02d0fe2aad0
SHA1

f9a347f7926fb803d7fabcbc7d5c319560c307da
SHA256

c1b9a012e5f50cab9c4e605f920c6cda1d3f5fbf855f63c89bc1f873968a8eee
SHA512

d318af4f025528f197b653f6e87bb888bc625ad397763b06e6f4c0d6972795d761175195f37e15a6d986b2c1b9a3e5674fb3ae90c30eb5b06691287d54356926
SSDEEP

6144:5Imx6PegDc+K9i3KrfGoPLm+xnhiNv+xS:57x4ycKaoVxn0CS

Score

N/A

Malware Config

Signatures

Files

c1b9a012e5f50cab9c4e605f920c6cda1d3f5fbf855f63c89bc1f873968a8eee
.exe windows x86

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

kernel32

GetSystemDefaultLangID
GlobalFree
InterlockedIncrement
FileTimeToLocalFileTime
LocalReAlloc
FormatMessageW
LoadLibraryW
GetComputerNameW
OutputDebugStringA
GetModuleHandleA
GlobalUnlock
GetEnvironmentStringsW
GetACP
GlobalLock
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetDateFormatW
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetTickCount
LocalFree
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
lstrcpyW
GetCurrentProcess
lstrcmpiW
InterlockedDecrement
CreateFileW
SetLastError
WideCharToMultiByte
CloseHandle
GlobalAlloc
IsBadReadPtr
DeleteCriticalSection
RemoveDirectoryA
OutputDebugStringW
GetSystemTimeAsFileTime
GetLastError
GetModuleFileNameW

msvcrt

memmove
wcsrchr
wcsstr
__RTDynamicCast
_wcsupr
malloc
??1type_info@@UAE@XZ
_onexit
wcslen
vswprintf
??2@YAPAXI@Z
free
??3@YAXPAX@Z
__dllonexit
_purecall
mbstowcs
wcscmp
_wcsicmp
?terminate@@YAXXZ
wcscpy
wcstoul
_initterm
wcschr
_adjust_fdiv
_except_handler3
wcscat

certcli

CACloseCertType
CACloseCA
CASetCertTypeExtension
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAGetCertTypeFlags
CACreateCertType
CAUpdateCertType
CAFreeCertTypeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFindByName
CAEnumCertTypes
CAFindCertTypeByName
CASetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAAddCACertificateType
CAGetCertTypeKeySpec
CAUpdateCA
CAGetCAProperty
CAGetCertTypeProperty
CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeExtensions

user32

LoadStringW
SendDlgItemMessageW
LoadIconW
LoadImageW
InsertMenuItemW
SystemParametersInfoW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SetWindowTextW
EnableWindow
wsprintfW
PostMessageW
SetCursor
EndDialog
GetDlgItemTextA
GetParent
GetWindowLongW
LoadCursorW
WinHelpW
MessageBoxW
RegisterClipboardFormatW
LoadBitmapW
GetDC
SetWindowLongW
ReleaseDC
SendMessageW
SetFocus

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

certcli

user32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 52KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 6.2MB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 52KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 6.2MB

.rsrc
Size: 2KB - Virtual size: 1KB