9d7067278b09198d755ddf1d6aa47a9bc7408dfe3ab7336eb233934f9005e6c0

Sharing

Copy URL Twitter E-mail

General

Target

9d7067278b09198d755ddf1d6aa47a9bc7408dfe3ab7336eb233934f9005e6c0
Size

198KB
MD5

5749a6136721fea71f5a18305a46e448
SHA1

54b3400cf90b19f67d13b99148877a2d6a302a32
SHA256

9d7067278b09198d755ddf1d6aa47a9bc7408dfe3ab7336eb233934f9005e6c0
SHA512

02b540aa6d48b219d8b88472d5335b930d2ed1544a07fb77ca505f71bb0139158f165ab650f13baa1c689f6435d068946b21d036ce03888761a7e88722dc3359
SSDEEP

6144:EV/NkOQr1yPuNtGITZLbwtuR1ZY6cNOx5:EArEPMZotc4NW5

Score

N/A

Malware Config

Signatures

Files

9d7067278b09198d755ddf1d6aa47a9bc7408dfe3ab7336eb233934f9005e6c0
.exe windows x86

64c6f83d1bada1ec897b30aeea8447d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACreateCertType
CAGetCertTypePropertyEx
CAFindCertTypeByName
CAEnumNextCertType
CASetCertTypeFlags
CAFreeCertTypeProperty
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAGetCAProperty
CAGetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypeFlags
CACloseCertType
CAUpdateCA
CASetCertTypeProperty
CASetCertTypeKeySpec
CACloseCA
CAAddCACertificateType
CAUpdateCertType
CAGetCertTypeKeySpec
CASetCertTypeExtension
CACertTypeSetSecurity
CAEnumCertTypes
CAFreeCAProperty
CAFreeCertTypeExtensions
CACertTypeGetSecurity

msvcrt

wcscmp
_wcsupr
mbstowcs
_adjust_fdiv
?terminate@@YAXXZ
_onexit
__RTDynamicCast
_purecall
malloc
wcsstr
_wcsicmp
memmove
??1type_info@@UAE@XZ
wcslen
free
wcscpy
_initterm
__dllonexit
??3@YAXPAX@Z
wcsrchr
_except_handler3
wcstoul
wcschr
wcscat
vswprintf
??2@YAPAXI@Z

kernel32

GetACP
GlobalAlloc
GetCurrentProcess
CloseHandle
InterlockedDecrement
GetDateFormatW
LoadLibraryW
GetEnvironmentStringsA
IsBadReadPtr
FormatMessageW
GlobalLock
GetModuleHandleA
OutputDebugStringA
SetLastError
GetSystemWindowsDirectoryW
GetProcAddress
InitializeCriticalSection
QueryPerformanceCounter
IsValidCodePage
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoA
DeleteCriticalSection
GlobalUnlock
GetComputerNameW
GetTickCount
WideCharToMultiByte
OutputDebugStringW
LocalFree
GetModuleFileNameW
RemoveDirectoryW
lstrcmpiW
lstrlenW
CreateFileW
GetSystemTimeAsFileTime
lstrcpyW
GetLastError
SetUnhandledExceptionFilter
LocalReAlloc
InterlockedIncrement

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

LoadImageW
MessageBoxW
SetCursor
SystemParametersInfoW
GetDC
SendMessageW
EnableWindow
LoadCursorW
SetWindowTextW
GetParent
SetWindowLongW
GetWindowLongW
wsprintfW
ReleaseDC
LoadBitmapW
SendDlgItemMessageW
DialogBoxParamW
SetDlgItemTextW
InsertMenuItemW
LoadIconW
LoadStringW
PostMessageW
SetFocus
GetDlgItem
RegisterClipboardFormatW
GetDlgItemTextA
EndDialog
WinHelpW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Sections

.code
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c6f83d1bada1ec897b30aeea8447d9

Headers

File Characteristics

Imports

certcli

msvcrt

kernel32

advapi32

comctl32

user32

gdi32

Sections

.code Size: 72KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 6.2MB

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 106KB - Virtual size: 105KB

.code
Size: 72KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 6.2MB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 106KB - Virtual size: 105KB