Static task
static1
Behavioral task
behavioral1
Sample
84903fe0a6e4b95aa801c600379267c97dedf5a4837271b2bf8d653fe1afa795.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
84903fe0a6e4b95aa801c600379267c97dedf5a4837271b2bf8d653fe1afa795.exe
Resource
win10v2004-20220812-en
General
Target
84903fe0a6e4b95aa801c600379267c97dedf5a4837271b2bf8d653fe1afa795
Size
44KB
MD5
2a00a755ff19e31ba8d7e7b7ca3155fe
SHA1
f95e26d51c2032ea38b901625f79b62a9e9c921f
SHA256
84903fe0a6e4b95aa801c600379267c97dedf5a4837271b2bf8d653fe1afa795
SHA512
eb975de7f1dea25d5be0802114946473c4fef673d6853a2383957306a645788774862207371a649fed9a20f1786b58f4becb3d6bee169564a98b872c44fa7d17
SSDEEP
768:emq7fn7TFFvM3QvJKg5+1vlHgXRJ/J1p9ufG5LvhUohQMBtuftwfO:xI7T7EzHgXrh1p6GthZQRlwG
Malware Config
Signatures
Files
84903fe0a6e4b95aa801c600379267c97dedf5a4837271b2bf8d653fe1afa795.exe windows x86
aa2531e6a8044e60dc8b76b8eba35e47
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
cryptdlg
CertViewPropertiesA
CertModifyCertificatesToTrust
GetFriendlyNameOfCertW
FormatVerisignExtension
EncodeAttrSequence
CertConfigureTrustW
GetFriendlyNameOfCertA
FormatPKIXEmailProtection
DecodeAttrSequence
CertTrustFinalPolicy
CertConfigureTrustA
DecodeRecipientID
CertTrustCertPolicy
CertViewPropertiesW
CertSelectCertificateW
CertTrustInit
CertSelectCertificateA
EncodeRecipientID
CertTrustCleanup
security
EnumerateSecurityPackagesW
CompleteAuthToken
QuerySecurityPackageInfoA
DeleteSecurityPackageW
DeleteSecurityPackageA
ExportSecurityContext
EnumerateSecurityPackagesA
QueryCredentialsAttributesW
AcquireCredentialsHandleA
ApplyControlToken
QuerySecurityPackageInfoW
ImportSecurityContextA
MakeSignature
AddSecurityPackageW
InitializeSecurityContextA
DeleteSecurityContext
ntdll
NtSetIoCompletion
ZwOpenEventPair
RtlInterlockedPopEntrySList
ZwRaiseException
RtlFreeHeap
RtlDeactivateActivationContextUnsafeFast
DbgUiSetThreadDebugObject
DbgBreakPoint
ZwReplyWaitReceivePort
RtlImageNtHeader
RtlAddCompoundAce
NtCreateMutant
RtlAcquireResourceExclusive
NtReadFileScatter
RtlpWaitForCriticalSection
ZwStartProfile
ZwCreatePort
kernel32
GetDriveTypeW
GetThreadLocale
GetSystemTimeAdjustment
HeapCreate
GetTempPathA
GetStringTypeExA
FoldStringA
SetLastError
ReadConsoleInputW
SetConsoleWindowInfo
InitializeSListHead
SetFileValidData
Process32Next
GetNextVDMCommand
IsDebuggerPresent
lstrcpy
GetFileSize
DebugBreak
IsValidLocale
GetEnvironmentStringsW
ExitProcess
VirtualAlloc
LoadLibraryA
GetConsoleFontInfo
SwitchToFiber
InitializeCriticalSection
OutputDebugStringA
SetConsoleIcon
GetCurrentDirectoryW
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ