61faa1761be19c1260580cac0f16e26e0f5a3ccdb7866bc7b7236de50309aede

Sharing

Copy URL Twitter E-mail

General

Target

61faa1761be19c1260580cac0f16e26e0f5a3ccdb7866bc7b7236de50309aede
Size

200KB
MD5

300f1a58dd1d7843d904beb4a0e01c10
SHA1

da5326cfcdc9913b98deb9169d32ceecd5fe33bb
SHA256

61faa1761be19c1260580cac0f16e26e0f5a3ccdb7866bc7b7236de50309aede
SHA512

4716686cf2215071dbc20118bd1a26e1ca9630b94c6a53bf0938b35f74f6f2c02405868facc2a0648e9ff0a9bbd0cfbf507122ed0f6d731d14926dc25e2a444e
SSDEEP

3072:9124gaxmqmCqvvSnTjbO/PyGRuBzyzOTjM1cC822p/cdGU6wBP5lX8qdAEHFdkds:9tgOcHCYylyzOQxR2pUbDBjYds

Score

N/A

Malware Config

Signatures

Files

61faa1761be19c1260580cac0f16e26e0f5a3ccdb7866bc7b7236de50309aede
.exe windows x86

11e55a6559d47f264bd9d27fb0ddd8e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcstoul
_wcsupr
free
wcsrchr
wcschr
??3@YAXPAX@Z
mbstowcs
wcsstr
??2@YAPAXI@Z
wcslen
_purecall
wcscmp
_except_handler3
_wcsicmp
_onexit
__dllonexit
vswprintf
wcscpy
wcscat
memmove
_initterm
__RTDynamicCast
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_adjust_fdiv
malloc

kernel32

GetSystemWindowsDirectoryW
QueryPerformanceCounter
DeleteCriticalSection
LocalFree
InterlockedDecrement
FileTimeToSystemTime
GetLocaleInfoW
FileTimeToLocalFileTime
GetProcAddress
lstrcmpiW
GlobalUnlock
GetLastError
GetCPInfo
InitializeCriticalSection
GetDateFormatW
lstrcpyW
InterlockedIncrement
GetComputerNameW
GlobalAlloc
GetModuleHandleA
LocalAlloc
SetLastError
CreateFileW
LocalReAlloc
GetModuleFileNameW
GetModuleHandleW
DeleteFileA
SetUnhandledExceptionFilter
IsBadReadPtr
FormatMessageW
OutputDebugStringW
GlobalFree
GetEnvironmentStringsA
GetSystemTimeAsFileTime
OutputDebugStringA
WriteFile
MultiByteToWideChar
GlobalLock
IsValidCodePage
GetCurrentProcess
GetSystemDefaultLCID
GetStartupInfoA
CloseHandle
LoadLibraryW
WideCharToMultiByte
lstrlenW

crypt32

CertEnumSystemStore
CertFreeCertificateContext
CryptDecodeObject
CryptEncodeObject
CertFreeCRLContext
CertGetEnhancedKeyUsage
CryptEnumOIDInfo
CertGetCertificateContextProperty
CryptFindOIDInfo
CertAddCertificateContextToStore
CertOpenStore
CertCloseStore
CertSaveStore
CertFindCRLInStore
CryptQueryObject
CertDuplicateCertificateContext
CertControlStore
CertDeleteCertificateFromStore
CertDuplicateStore
CertEnumCertificatesInStore
CertGetNameStringW

certcli

CAEnumCertTypesForCA
CASetCertTypeKeySpec
CAUpdateCA
CAFreeCertTypeExtensions
CAEnumNextCertType
CARemoveCACertificateType
CAFindByName
CACertTypeSetSecurity
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CAFreeCertTypeProperty
CASetCertTypeProperty
CAEnumCertTypes
CACloseCA
CAAddCACertificateType
CACreateCertType
CASetCertTypeExtension
CACertTypeGetSecurity
CAGetCertTypeExtensions
CASetCertTypeFlags
CAGetCAProperty
CACloseCertType
CAGetCertTypePropertyEx
CAFreeCAProperty
CAFindCertTypeByName
CAUpdateCertType

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

user32

LoadCursorW
GetDlgItemTextA
WinHelpW
LoadBitmapW
LoadStringW
SetWindowLongW
GetParent
GetDlgItem
GetWindowLongW
SystemParametersInfoW
LoadIconW
EnableWindow
RegisterClipboardFormatW
EndDialog
PostMessageW
SendDlgItemMessageW
InsertMenuItemW
GetDC
MessageBoxW
DialogBoxParamW
SetFocus
SetDlgItemTextW
LoadImageW
wsprintfW
SendMessageW
ReleaseDC
SetWindowTextW
SetCursor

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW

shell32

ShellExecuteExW
ShellExecuteW

cryptui

CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW
CryptUIWizExport

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
StringFromCLSID
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoSetProxyBlanket
CoCreateInstanceEx

rpcrt4

UuidCreate
RpcStringFreeW

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 60KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e55a6559d47f264bd9d27fb0ddd8e0

Headers

File Characteristics

Imports

msvcrt

kernel32

crypt32

certcli

gdi32

user32

comctl32

advapi32

shell32

cryptui

ole32

rpcrt4

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 48KB - Virtual size: 47KB

.mdata Size: 60KB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 48KB - Virtual size: 47KB

.mdata
Size: 60KB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 3KB