ddf99ba33d539f20b2364888c2df8c2e9fbfbe3b714bb8260c5888df31e07a5d

Sharing

Copy URL Twitter E-mail

General

Target

ddf99ba33d539f20b2364888c2df8c2e9fbfbe3b714bb8260c5888df31e07a5d
Size

47KB
MD5

03dd5f4d228bffb65b688392bd4c986b
SHA1

be3e9f36fa1052865a180150688927859ceeb374
SHA256

ddf99ba33d539f20b2364888c2df8c2e9fbfbe3b714bb8260c5888df31e07a5d
SHA512

b334d19c7b0b8e19a21ccd166eab9433bc5e1ac6907966234e6821259298a9019157b8b80ca4558ddd414cf24e0f45a035269760e1fa8469ac8a581abeedd5ff
SSDEEP

768:bECH0r5ofc3liAvUdI6ogfCwBMy6kffC82ZC8RUxVcjKYLbn:bEyKo+iA85DLm82ZCpzcjK

Score

N/A

Malware Config

Signatures

Files

ddf99ba33d539f20b2364888c2df8c2e9fbfbe3b714bb8260c5888df31e07a5d
.exe windows x86

56ed82ae766daf2d041486d29289e596

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

RetrievePKCS7FromCA
CryptUIDlgSelectCA
CryptUIWizCreateCertRequestNoDS
CryptUIWizCertRequest
CryptUIDlgSelectStoreA
LocalEnrollNoDS
CryptUIFreeViewSignaturesPagesA
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgCertMgr
ACUIProviderInvokeUI

advpack

CloseINFEngine
ExecuteCab
DoInfInstall
AddDelBackupEntry
FileSaveRestoreOnINF
RebootCheckOnInstall
LaunchINFSectionEx
RegSaveRestoreOnINF
GetVersionFromFileEx

user32

PostQuitMessage
SetFocus
SystemParametersInfoA
ScreenToClient
GetWindowTextA
DestroyWindow
RegisterClassExA
SetDlgItemInt
DispatchMessageA
UpdateWindow
OffsetRect
GetMessageA
TranslateMessage
SetWindowPos
ShowWindow
GetWindowLongA
GetSysColorBrush
CreateDialogParamA
CharNextA
DefWindowProcA
DialogBoxParamA
GetClientRect
GetSubMenu
CheckRadioButton
LoadMenuA
LoadIconA
CreateWindowExA
SendMessageA
LoadCursorA

kernel32

InterlockedDecrement
ExpandEnvironmentStringsA
ReadFileScatter
ReadFile
ReadFileEx
GetEnvironmentStringsA
GetFileTime
ConnectNamedPipe
CloseHandle
CreateMutexA
InterlockedCompareExchange
InterlockedFlushSList
InterlockedPushEntrySList
FileTimeToLocalFileTime
VirtualFree
FileTimeToDosDateTime
GetStringTypeA
InterlockedPopEntrySList
SetFilePointer
WriteFileEx
CreateSemaphoreW
InterlockedIncrement
GetSystemTime
InterlockedExchange
GetSystemTimes
DosDateTimeToFileTime
CreateFileA
GetFirmwareEnvironmentVariableA
GetSystemTimeAsFileTime
ReleaseSemaphore
ReleaseMutex
lstrlenA
lstrcmpA
FreeEnvironmentStringsA
GetLastError
OpenMutexA
VirtualAllocEx
PeekNamedPipe

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

56ed82ae766daf2d041486d29289e596

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

advpack

user32

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 236B

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 236B

.rsrc
Size: 40KB - Virtual size: 40KB