f68f703d7b2830dbeec4271b3ee7503cb754aafb50cc3f9c0eeaf352549d5602

Sharing

Copy URL Twitter E-mail

General

Target

f68f703d7b2830dbeec4271b3ee7503cb754aafb50cc3f9c0eeaf352549d5602
Size

851KB
MD5

6701a3287d8b943d6c0aea544c9bf47e
SHA1

e7aac4ee295b230c827632d2c9ff3456c0888d2b
SHA256

f68f703d7b2830dbeec4271b3ee7503cb754aafb50cc3f9c0eeaf352549d5602
SHA512

5f33a0d430424e7e8fbcef5593a0a0a5b5e857779c1254724075dc7de4241f4a94e3bbcb4e30df2470ebe85611884fb0801998ce06ccbc4bc5d62f957a3eb207
SSDEEP

24576:/g9PVfjo/n8YmyVaNSoU0c4rkKozmef+R1RvC0z:4vjo/dZaNSoUmkfiefuJz

Score

N/A

Malware Config

Signatures

Files

f68f703d7b2830dbeec4271b3ee7503cb754aafb50cc3f9c0eeaf352549d5602
.exe windows x86

fd6ebcada04078129b6fa3b863a0272a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertDuplicateCRLContext
CertNameToStrW
CryptRegisterOIDInfo
CryptQueryObject
CertComparePublicKeyInfo
CryptFindCertificateKeyProvInfo
I_CryptWalkAllLruCacheEntries
CryptGetOIDFunctionAddress
CryptSIPLoad
CryptSignAndEncodeCertificate
CryptSIPRemoveSignedDataMsg
CertGetIssuerCertificateFromStore
CertCreateCertificateChainEngine
I_CryptAddRefLruEntry
CertGetValidUsages
CryptSIPCreateIndirectData
CertDeleteCertificateFromStore
CryptGetMessageCertificates
CertVerifyCTLUsage
CryptMsgClose
CertDeleteCRLFromStore
CertCreateCertificateContext
CryptUnregisterOIDInfo
CryptInstallDefaultContext

msvcrt

_fpreset
??0bad_cast@@QAE@ABQBD@Z
__lc_codepage
_mbclen
_msize
_wfsopen
??4exception@@QAEAAV0@ABV0@@Z
_ismbbalnum
_getwche
?_query_new_mode@@YAHXZ
_wexecve
_fstat64
_mbsncmp
_CIsqrt
atexit
_osver
_mbcjistojms
fscanf

kernel32

GlobalAddAtomW
WriteConsoleOutputAttribute
SetConsoleNumberOfCommandsW
GetExitCodeThread
RtlUnwind
InitializeCriticalSection
LoadLibraryA
SystemTimeToTzSpecificLocalTime
VirtualAlloc
AllocateUserPhysicalPages
IsValidCodePage
IsDBCSLeadByteEx
CreateConsoleScreenBuffer
FindFirstVolumeW
LocalUnlock
SetNamedPipeHandleState
AddLocalAlternateComputerNameW
SetConsoleCursorInfo
SetUnhandledExceptionFilter
BaseCheckAppcompatCache
GetLocalTime
GetTickCount
CreateDirectoryExA
SetVolumeMountPointW
EnumResourceTypesW
ReleaseActCtx
CreateMutexW

schannel

SslFreeCertificate
SpUserModeInitialize
QueryContextAttributesW
SslLoadCertificate
InitializeSecurityContextA
SslGetMaximumKeySize
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
SslGenerateRandomBits
FreeContextBuffer
AcquireCredentialsHandleA
InitSecurityInterfaceW
VerifySignature
DeleteSecurityContext
FreeCredentialsHandle
CompleteAuthToken
SslCrackCertificate
AcquireCredentialsHandleW
QueryContextAttributesA
InitSecurityInterfaceA
AcceptSecurityContext
EnumerateSecurityPackagesW

shell32

SHGetMalloc

user32

EndDialog
MessageBoxW

Sections

.text
Size: 735KB - Virtual size: 735KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd6ebcada04078129b6fa3b863a0272a

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

msvcrt

kernel32

schannel

shell32

user32

Sections

.text Size: 735KB - Virtual size: 735KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1016B

.text
Size: 735KB - Virtual size: 735KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1016B