a75a2e980f39fa08bc0053ce31ce8ecf3f28f11ab9f2dd6312e4c4383cf1b5fb

Sharing

Copy URL Twitter E-mail

General

Target

a75a2e980f39fa08bc0053ce31ce8ecf3f28f11ab9f2dd6312e4c4383cf1b5fb
Size

380KB
MD5

60ae30b93139f0a65c03b81eeab66ed2
SHA1

606e6709b194c08a53e2baa56a44c10651a9f8a2
SHA256

a75a2e980f39fa08bc0053ce31ce8ecf3f28f11ab9f2dd6312e4c4383cf1b5fb
SHA512

a15d579af5ff65ba75ecbf395b1daab122d26d6af900480abd4c1fc032da709a7c96a0cdffc46f12664bd75c22473aa53e2755f3725060a7e543e49dd8e3a645
SSDEEP

6144:xjujSZm7FhmZ3pOvS36a2QtcvA4VhHkP8AtIkihR+vPzmv:xymZmFGzl2QtAHUck7ry

Score

10^/10

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
sample	Nirsoft

NirSoft WebBrowserPassView 1 IoCs

Password recovery tool for various web browsers

resource	yara_rule
sample	WebBrowserPassView

Files

a75a2e980f39fa08bc0053ce31ce8ecf3f28f11ab9f2dd6312e4c4383cf1b5fb
.exe windows x86

7607d9f2f9e7c234dd2592059cdb33fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
wcsncat
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
strchr
_strlwr
_wcsupr
memchr
_wcsicmp
malloc
wcschr
wcscmp
_purecall
modf
_wtoi
memcmp
_memicmp
wcstoul
strcpy
strcmp
wcsrchr
_gmtime64
strftime
realloc
wcsncmp
qsort
_wcsnicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
wcslen
memcpy
wcscpy
memset
strlen
_snwprintf
wcscat
__set_app_type
_controlfp
_except_handler3
_itow
_wcslwr
free
__p__fmode
__p__commode

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_SetImageCount
ImageList_Create
ord17
ImageList_ReplaceIcon
CreateStatusWindowW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

InitializeCriticalSection
GetFullPathNameA
CreateFileA
GetDiskFreeSpaceW
AreFileApisANSI
GetFullPathNameW
GetSystemTime
LockFileEx
FormatMessageA
GetTempPathA
GetSystemTimeAsFileTime
UnlockFileEx
GetTickCount
LockFile
FlushFileBuffers
UnlockFile
InterlockedCompareExchange
DeleteCriticalSection
GetFileAttributesExW
CreateFileMappingW
GetDiskFreeSpaceA
Sleep
GetModuleHandleA
GetStartupInfoW
DeleteFileA
EnterCriticalSection
QueryPerformanceCounter
GetFileAttributesA
LeaveCriticalSection
SetEndOfFile
UnmapViewOfFile
GetSystemInfo
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFree
WideCharToMultiByte
WriteFile
FreeLibrary
LoadLibraryW
GetProcAddress
CompareFileTime
GetCurrentDirectoryW
ExpandEnvironmentStringsW
MultiByteToWideChar
CloseHandle
GetFileSize
GetWindowsDirectoryW
FindFirstFileW
GetFileAttributesW
GetModuleHandleW
SetFilePointer
ReadFile
GetModuleFileNameW
CreateFileW
LockResource
lstrcpyW
lstrlenW
FindResourceW
GlobalAlloc
LoadResource
GlobalUnlock
GetTempPathW
LoadLibraryExW
GetLastError
FindNextFileW
SizeofResource
GetFileTime
GlobalLock
FormatMessageW
GetVersionExW
FindClose
GetTempFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
EnumResourceNamesW
GetStdHandle
DeleteFileW
SetErrorMode
ReadProcessMemory
GetCurrentProcessId
ExitProcess
GetCurrentProcess
SetCurrentDirectoryW
OpenProcess
EnumResourceTypesW
MapViewOfFile

user32

OpenClipboard
TranslateMessage
IsDialogMessageW
DrawTextExW
GetMessageW
DispatchMessageW
PostQuitMessage
TrackPopupMenu
RegisterWindowMessageW
EnumChildWindows
DestroyWindow
CreateDialogParamW
DestroyMenu
SetCursor
GetSysColorBrush
LoadCursorW
ChildWindowFromPoint
ShowWindow
DrawFrameControl
SetDlgItemInt
SetWindowTextW
BeginPaint
UpdateWindow
GetClientRect
SetDlgItemTextW
GetSystemMetrics
DeferWindowPos
CreateWindowExW
GetWindowRect
GetDlgItemInt
SendDlgItemMessageW
EndDialog
SetWindowLongW
EndPaint
GetDlgItem
InvalidateRect
GetWindow
LoadAcceleratorsW
PostMessageW
DefWindowProcW
TranslateAcceleratorW
SendMessageW
SetWindowPlacement
RegisterClassW
MessageBoxW
SetMenu
GetWindowPlacement
LoadImageW
LoadIconW
GetWindowLongW
BeginDeferWindowPos
EndDeferWindowPos
SetFocus
CheckMenuItem
GetParent
GetCursorPos
GetSysColor
SetClipboardData
EnableWindow
GetMenu
MapWindowPoints
GetSubMenu
GetDC
EmptyClipboard
DialogBoxParamW
ReleaseDC
GetClassNameW
EnableMenuItem
MoveWindow
GetMenuStringW
GetMenuItemCount
CloseClipboard
LoadStringW
SetWindowPos
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID

gdi32

SetBkColor
SelectObject
GetDeviceCaps
SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
GetStockObject

comdlg32

GetSaveFileNameW
FindTextW

advapi32

RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetFileInfoW
ShellExecuteW

ole32

CoTaskMemFree

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7607d9f2f9e7c234dd2592059cdb33fd

Headers

File Characteristics

Imports

msvcrt

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 90KB - Virtual size: 92KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 90KB - Virtual size: 92KB