90dfaf9b985b8c8f34bcec44c296dd6058c8e910bade7ad3bdb5aedbe0ef5069

Sharing

Copy URL

Twitter E-mail

General

Target

90dfaf9b985b8c8f34bcec44c296dd6058c8e910bade7ad3bdb5aedbe0ef5069
Size

128KB
MD5

7224c409ed83b09c37dd8873bd645f5b
SHA1

38f2f113128e3534f68a8f255d84c8add0aae9e4
SHA256

90dfaf9b985b8c8f34bcec44c296dd6058c8e910bade7ad3bdb5aedbe0ef5069
SHA512

ed93d292675cb16b7fe1fa30b399a0baad7bb1fdf3576f5d36dd2ef3ba762d5a40a95fd5bb09d73021f416158f41bee1cad163657d9adb80f120cea205ebe10a
SSDEEP

3072:0uNS/mVe1YfUijHs+Lxrx9V1tZKS3NOYYbKwDMcOBDXsf4jLYiXUo62:0uNfVrnjHs+Lzv73NXYbKwDgLsf4388

Score

N/A

Malware Config

Signatures

Files

90dfaf9b985b8c8f34bcec44c296dd6058c8e910bade7ad3bdb5aedbe0ef5069
.exe windows x86

10a126d9315b4ada5c36f11aa7df9bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
WinHelpW
wsprintfW
GetParent
GetWindowLongW
LoadStringW
SetWindowLongW
EnableWindow
SendMessageW
GetDlgItem

kernel32

GetModuleFileNameW
VirtualAlloc
GetComputerNameW
SetLastError
DisableThreadLibraryCalls
GetTickCount
SystemTimeToFileTime
UnhandledExceptionFilter
GetCurrentProcessId
GetCurrentProcess
WriteFile
FileTimeToLocalFileTime
InterlockedDecrement
GetSystemTime
SetUnhandledExceptionFilter
InterlockedIncrement
lstrlenW
EnterCriticalSection
lstrcmpiW
GetDateFormatW
LocalFree
GetLastError
GetCurrentThreadId
FormatMessageW
LocalAlloc
CreateFileW
GetModuleHandleW
GetEnvironmentVariableW
TerminateProcess
Sleep
LeaveCriticalSection
GetTimeFormatW
GetVersionExW
LocalReAlloc
GetACP
CloseHandle
FileTimeToSystemTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
CompareStringW

winmm

auxSetVolume

certcli

CAFindCertTypeByName
CAGetCertTypeProperty
CAFreeCertTypeProperty
CACloseCertType

msvcrt

_beginthread
malloc
_wtoi
iswdigit
_adjust_fdiv
_wcsnicmp
wcsncpy
_chdir
_wcsicmp
wcscat
_initterm
exit
free
_beep
_itow
wcscpy

ole32

CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize

crypt32

CertCreateCertificateContext
CertFreeCertificateContext
CryptDecodeObjectEx

comctl32

PropertySheetW

advapi32

RegEnumValueW
LsaRetrievePrivateData
LsaOpenPolicy
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
LsaFreeMemory
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
LsaClose
RegQueryInfoKeyW

ntdll

RtlInitializeResource
RtlDeleteResource
RtlAcquireResourceShared
RtlReleaseResource
RtlAcquireResourceExclusive

Sections

.textbss
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 124KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10a126d9315b4ada5c36f11aa7df9bdc

Headers

File Characteristics

Imports

user32

kernel32

winmm

certcli

msvcrt

ole32

crypt32

comctl32

advapi32

ntdll

Sections

.textbss Size: - Virtual size: 576KB

.reloc Size: 1KB - Virtual size: 1KB

.text Size: 512B - Virtual size: 464B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 124KB - Virtual size: 196KB

.textbss
Size: - Virtual size: 576KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 464B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 124KB - Virtual size: 196KB