900dff3a938fe57c8ae8c69c4d51c7c4509088258579f0acd7234bbb45f62dd4

Sharing

Copy URL Twitter E-mail

General

Target

900dff3a938fe57c8ae8c69c4d51c7c4509088258579f0acd7234bbb45f62dd4
Size

200KB
MD5

57f1ee59abbaeaa272ce78006d9ebbe0
SHA1

20bfa8fc39c14f64449d9e1ff737a2fdaa63b4e7
SHA256

900dff3a938fe57c8ae8c69c4d51c7c4509088258579f0acd7234bbb45f62dd4
SHA512

8b0d506bf94d1784e61c9525bfb4ac4818443e421e20131b2929f92c03f2f72e5a778ff9680c994eb6343d3fb02cdfe39e677692e91707664585acc4b2b7c579
SSDEEP

3072:9124gaxmqmCqvvSnTjbO/PyGRuBzyzOTjM1cC822p/cdGU6wBP5lX8qdAEHFdkdx:9tgOcHCYylyzOQxR2pUbDBjYdx

Score

N/A

Malware Config

Signatures

Files

900dff3a938fe57c8ae8c69c4d51c7c4509088258579f0acd7234bbb45f62dd4
.exe windows x86

11e55a6559d47f264bd9d27fb0ddd8e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcstoul
_wcsupr
free
wcsrchr
wcschr
??3@YAXPAX@Z
mbstowcs
wcsstr
??2@YAPAXI@Z
wcslen
_purecall
wcscmp
_except_handler3
_wcsicmp
_onexit
__dllonexit
vswprintf
wcscpy
wcscat
memmove
_initterm
__RTDynamicCast
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_adjust_fdiv
malloc

kernel32

GetSystemWindowsDirectoryW
QueryPerformanceCounter
DeleteCriticalSection
LocalFree
InterlockedDecrement
FileTimeToSystemTime
GetLocaleInfoW
FileTimeToLocalFileTime
GetProcAddress
lstrcmpiW
GlobalUnlock
GetLastError
GetCPInfo
InitializeCriticalSection
GetDateFormatW
lstrcpyW
InterlockedIncrement
GetComputerNameW
GlobalAlloc
GetModuleHandleA
LocalAlloc
SetLastError
CreateFileW
LocalReAlloc
GetModuleFileNameW
GetModuleHandleW
DeleteFileA
SetUnhandledExceptionFilter
IsBadReadPtr
FormatMessageW
OutputDebugStringW
GlobalFree
GetEnvironmentStringsA
GetSystemTimeAsFileTime
OutputDebugStringA
WriteFile
MultiByteToWideChar
GlobalLock
IsValidCodePage
GetCurrentProcess
GetSystemDefaultLCID
GetStartupInfoA
CloseHandle
LoadLibraryW
WideCharToMultiByte
lstrlenW

crypt32

CertEnumSystemStore
CertFreeCertificateContext
CryptDecodeObject
CryptEncodeObject
CertFreeCRLContext
CertGetEnhancedKeyUsage
CryptEnumOIDInfo
CertGetCertificateContextProperty
CryptFindOIDInfo
CertAddCertificateContextToStore
CertOpenStore
CertCloseStore
CertSaveStore
CertFindCRLInStore
CryptQueryObject
CertDuplicateCertificateContext
CertControlStore
CertDeleteCertificateFromStore
CertDuplicateStore
CertEnumCertificatesInStore
CertGetNameStringW

certcli

CAEnumCertTypesForCA
CASetCertTypeKeySpec
CAUpdateCA
CAFreeCertTypeExtensions
CAEnumNextCertType
CARemoveCACertificateType
CAFindByName
CACertTypeSetSecurity
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CAFreeCertTypeProperty
CASetCertTypeProperty
CAEnumCertTypes
CACloseCA
CAAddCACertificateType
CACreateCertType
CASetCertTypeExtension
CACertTypeGetSecurity
CAGetCertTypeExtensions
CASetCertTypeFlags
CAGetCAProperty
CACloseCertType
CAGetCertTypePropertyEx
CAFreeCAProperty
CAFindCertTypeByName
CAUpdateCertType

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

user32

LoadCursorW
GetDlgItemTextA
WinHelpW
LoadBitmapW
LoadStringW
SetWindowLongW
GetParent
GetDlgItem
GetWindowLongW
SystemParametersInfoW
LoadIconW
EnableWindow
RegisterClipboardFormatW
EndDialog
PostMessageW
SendDlgItemMessageW
InsertMenuItemW
GetDC
MessageBoxW
DialogBoxParamW
SetFocus
SetDlgItemTextW
LoadImageW
wsprintfW
SendMessageW
ReleaseDC
SetWindowTextW
SetCursor

comctl32

CreatePropertySheetPageW
PropertySheetW

advapi32

RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW

shell32

ShellExecuteExW
ShellExecuteW

cryptui

CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW
CryptUIWizExport

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
StringFromCLSID
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoSetProxyBlanket
CoCreateInstanceEx

rpcrt4

UuidCreate
RpcStringFreeW

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 60KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e55a6559d47f264bd9d27fb0ddd8e0

Headers

File Characteristics

Imports

msvcrt

kernel32

crypt32

certcli

gdi32

user32

comctl32

advapi32

shell32

cryptui

ole32

rpcrt4

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 48KB - Virtual size: 47KB

.mdata Size: 60KB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 48KB - Virtual size: 47KB

.mdata
Size: 60KB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 3KB