d82789790bb71fa0918a237460768c0ea820201c00c5609ead9dcf4d962e6b47

Sharing

Copy URL

Twitter E-mail

General

Target

d82789790bb71fa0918a237460768c0ea820201c00c5609ead9dcf4d962e6b47
Size

200KB
MD5

850fc15716d9a480b6def456e1290d90
SHA1

51f5c237b2af00d462e6ebb29536540045eba667
SHA256

d82789790bb71fa0918a237460768c0ea820201c00c5609ead9dcf4d962e6b47
SHA512

64dab70be8a84add66861d8a33ba9771e49c6206b4ef0afbb33fdd3017aaf17a88667ff97fc12681d99fdf9dcba03e38613db4fe343d84623b903d871211a4d5
SSDEEP

6144:5Imx6PegDc+K9i3KrfGoPLm+xnhiNv+xW:57x4ycKaoVxn0CW

Score

N/A

Malware Config

Signatures

Files

d82789790bb71fa0918a237460768c0ea820201c00c5609ead9dcf4d962e6b47
.exe windows x86

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

kernel32

GetSystemDefaultLangID
GlobalFree
InterlockedIncrement
FileTimeToLocalFileTime
LocalReAlloc
FormatMessageW
LoadLibraryW
GetComputerNameW
OutputDebugStringA
GetModuleHandleA
GlobalUnlock
GetEnvironmentStringsW
GetACP
GlobalLock
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetDateFormatW
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetTickCount
LocalFree
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
lstrcpyW
GetCurrentProcess
lstrcmpiW
InterlockedDecrement
CreateFileW
SetLastError
WideCharToMultiByte
CloseHandle
GlobalAlloc
IsBadReadPtr
DeleteCriticalSection
RemoveDirectoryA
OutputDebugStringW
GetSystemTimeAsFileTime
GetLastError
GetModuleFileNameW

msvcrt

memmove
wcsrchr
wcsstr
__RTDynamicCast
_wcsupr
malloc
??1type_info@@UAE@XZ
_onexit
wcslen
vswprintf
??2@YAPAXI@Z
free
??3@YAXPAX@Z
__dllonexit
_purecall
mbstowcs
wcscmp
_wcsicmp
?terminate@@YAXXZ
wcscpy
wcstoul
_initterm
wcschr
_adjust_fdiv
_except_handler3
wcscat

certcli

CACloseCertType
CACloseCA
CASetCertTypeExtension
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAGetCertTypeFlags
CACreateCertType
CAUpdateCertType
CAFreeCertTypeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAEnumNextCertType
CAFindByName
CAEnumCertTypes
CAFindCertTypeByName
CASetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAAddCACertificateType
CAGetCertTypeKeySpec
CAUpdateCA
CAGetCAProperty
CAGetCertTypeProperty
CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeExtensions

user32

LoadStringW
SendDlgItemMessageW
LoadIconW
LoadImageW
InsertMenuItemW
SystemParametersInfoW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SetWindowTextW
EnableWindow
wsprintfW
PostMessageW
SetCursor
EndDialog
GetDlgItemTextA
GetParent
GetWindowLongW
LoadCursorW
WinHelpW
MessageBoxW
RegisterClipboardFormatW
LoadBitmapW
GetDC
SetWindowLongW
ReleaseDC
SendMessageW
SetFocus

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

600d1e2fd44337b53dc42f132ac8cf6d

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

certcli

user32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 52KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 6.2MB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 52KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 6.2MB

.rsrc
Size: 2KB - Virtual size: 1KB