884528b2b6fe2bfbfe879b4c93efa54339a9ae4e9d9178b843a0db8c10067f99

Sharing

Copy URL Twitter E-mail

General

Target

884528b2b6fe2bfbfe879b4c93efa54339a9ae4e9d9178b843a0db8c10067f99
Size

632KB
MD5

0d8710d056e32f69c9c7dc476075af10
SHA1

d890534a6033385b6b599f96d371105d12813076
SHA256

884528b2b6fe2bfbfe879b4c93efa54339a9ae4e9d9178b843a0db8c10067f99
SHA512

2cd81429c4137b78632b6bff13cd65af68e63d41e4efb78f7156181e1bae6c76ac191dfab8e0add58310dec294d0c7d8d9ae3cc654c64065b54201d8144e0372
SSDEEP

12288:aZ15pOTE/wdYl5o9D31j5imna1kmwOHW9Xs3Y9ivmZqb:a7uTgw+lgD31j5CzqsI4v

Score

N/A

Malware Config

Signatures

Files

884528b2b6fe2bfbfe879b4c93efa54339a9ae4e9d9178b843a0db8c10067f99
.exe windows x86

0d1153f78c761173231a548430873dfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

vwprintf
_wcsicmp
_controlfp
_except_handler3
__set_app_type
malloc
wcscat
_adjust_fdiv
__setusermatherr
_initterm
exit
_XcptFilter
_exit
_wasctime
wcscpy
swprintf
wprintf
towupper
printf
realloc
scanf
wcslen
strtok
free
_wtol
__wgetmainargs
__p__fmode
__p__commode
__p___winitenv

advapi32

CryptReleaseContext
CryptAcquireContextA

kernel32

GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
MultiByteToWideChar
GetLastError
SetLastError
CompareFileTime
FileTimeToSystemTime
WriteFile
GetFileSize
CreateFileMappingA
MapViewOfFile
CloseHandle
GetVersionExA
WideCharToMultiByte
LocalAlloc
GetModuleHandleA
UnmapViewOfFile
LocalFree

crypt32

CryptFreeOIDFunctionAddress
CertSaveStore
CertAddCertificateContextToStore
CryptGetOIDFunctionAddress
CreateFileU
CryptFindOIDInfo
CryptDecodeObject
CertRDNValueToStrA
CertRDNValueToStrW
CertCloseStore
CryptMsgClose
CryptRegisterOIDInfo
CryptInstallOIDFunctionAddress
CryptInitOIDFunctionSet
CertAddEncodedCertificateToStore
CertAddEncodedCRLToStore
CertAddEncodedCTLToStore
CertOpenStore
CertFreeCTLContext
CertAddCTLContextToStore
CertFindCTLInStore
CertFreeCRLContext
CertAddCRLContextToStore
CertFreeCertificateContext
CryptSIPRetrieveSubjectGuid
CertFindCertificateInStore
CertEnumCTLsInStore
CertGetCRLFromStore
CertEnumCertificatesInStore
CertEnumCertificateContextProperties
CertDuplicateCertificateContext
CertDuplicateCTLContext
CertDeleteCTLFromStore
CertDuplicateCRLContext
CertDeleteCRLFromStore
CertDeleteCertificateFromStore
CertSetCertificateContextProperty
CryptEncodeObject
CertGetCRLContextProperty
CertGetPublicKeyLength
CryptHashPublicKeyInfo
CertGetCertificateContextProperty
CertGetCTLContextProperty
CryptMsgGetAndVerifySigner
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CryptSIPLoad

cryptui

CryptUIDlgCertMgr

user32

LoadStringA
LoadStringW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 596KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d1153f78c761173231a548430873dfc

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

crypt32

cryptui

user32

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 596KB - Virtual size: 1.8MB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 596KB - Virtual size: 1.8MB