868d849ae7a041b5ac15dd7036b04c688fca4caf578bb81ef2c6bae8fa281273

Sharing

Copy URL

Twitter E-mail

General

Target

868d849ae7a041b5ac15dd7036b04c688fca4caf578bb81ef2c6bae8fa281273
Size

196KB
MD5

8442e8999178a32ce20ab1ff5e93e974
SHA1

2320c88d2637e9fe00ed3b22c8377f76b13db26c
SHA256

868d849ae7a041b5ac15dd7036b04c688fca4caf578bb81ef2c6bae8fa281273
SHA512

98d5339561c1134347db9376ff01ebb75fc2a3c99c9a00ce63465129301a6666bc43bfc1ce1fcd5ad9c4575388436b7dc887dc4c17608fc039e858d2cf842b7c
SSDEEP

6144:v7TwtxOQFSopADoq71cjtxG7B8xW3cfi/KWf5Wdty:nkx3eN71mccOKSQty

Score

N/A

Malware Config

Signatures

Files

868d849ae7a041b5ac15dd7036b04c688fca4caf578bb81ef2c6bae8fa281273
.exe windows x86

4b233c73757e519f962544ff2f18f6a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CARemoveCACertificateType
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAEnumNextCertType
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CAEnumCertTypes
CAFindByName
CAFreeCAProperty
CAGetCAProperty
CAGetCertTypeFlags
CASetCertTypeExtension
CACloseCA
CAEnumCertTypesForCA
CAUpdateCA
CASetCertTypeFlags
CACreateCertType
CACertTypeGetSecurity
CASetCertTypeProperty
CAUpdateCertType
CAAddCACertificateType
CAFreeCertTypeExtensions
CACloseCertType
CAFindCertTypeByName
CAGetCertTypeKeySpec
CAGetCertTypeProperty

kernel32

GlobalFree
GetStartupInfoA
SetLastError
GetProcAddress
FileTimeToLocalFileTime
GetSystemDefaultLangID
WideCharToMultiByte
lstrlenW
LocalFree
GetModuleFileNameW
GetComputerNameW
OutputDebugStringW
FileTimeToSystemTime
GetEnvironmentStringsW
RemoveDirectoryA
QueryPerformanceCounter
InterlockedDecrement
GetCPInfo
CloseHandle
LoadLibraryW
GetCurrentProcess
GetSystemTimeAsFileTime
InitializeCriticalSection
CreateFileW
GetDateFormatW
OutputDebugStringA
LocalReAlloc
GlobalAlloc
FormatMessageW
SetUnhandledExceptionFilter
DeleteCriticalSection
GetModuleHandleA
GlobalUnlock
GetTickCount
lstrcmpiW
GetSystemWindowsDirectoryW
lstrcpyW
GlobalLock
GetLastError
IsBadReadPtr
InterlockedIncrement

msvcrt

__dllonexit
?terminate@@YAXXZ
wcsstr
_wcsicmp
??3@YAXPAX@Z
wcsrchr
_onexit
_adjust_fdiv
free
memmove
mbstowcs
wcscmp
_initterm
wcstoul
_wcsupr
wcslen
??1type_info@@UAE@XZ
malloc
vswprintf
wcscpy
_except_handler3
__RTDynamicCast
wcschr
wcscat
??2@YAPAXI@Z

user32

LoadStringW
EnableWindow
SetDlgItemTextW
EndDialog
LoadCursorW
SetCursor
SetWindowTextW
GetDC
SystemParametersInfoW
DialogBoxParamW
WinHelpW
GetWindowLongW
RegisterClipboardFormatW
SetFocus
LoadImageW
SendDlgItemMessageW
wsprintfW
LoadIconW
GetDlgItem
LoadBitmapW
SendMessageW
SetWindowLongW
InsertMenuItemW
GetParent
GetDlgItemTextA
MessageBoxW
ReleaseDC
PostMessageW

advapi32

RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b233c73757e519f962544ff2f18f6a6

Headers

File Characteristics

Imports

certcli

kernel32

msvcrt

user32

advapi32

comctl32

Sections

.text Size: 76KB - Virtual size: 76KB

.data Size: 69KB - Virtual size: 69KB

.data Size: 46KB - Virtual size: 6.2MB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 76KB

.data
Size: 69KB - Virtual size: 69KB

.data
Size: 46KB - Virtual size: 6.2MB

.rsrc
Size: 1KB - Virtual size: 1KB