7589bb99d8998bf8dfc5dc8e56d7804114fa908a4e110d38ee220dec7237868b

Sharing

Copy URL Twitter E-mail

General

Target

7589bb99d8998bf8dfc5dc8e56d7804114fa908a4e110d38ee220dec7237868b
Size

198KB
MD5

0c03956c3bf67c71f4ea5e42b328bb30
SHA1

fb8b63015d8212565357648f46455bc65f1688f1
SHA256

7589bb99d8998bf8dfc5dc8e56d7804114fa908a4e110d38ee220dec7237868b
SHA512

ba3cfc4f4e1b0086186729b0855373e70ea191e069fd6e51ae8309280ec1a75ae80cf5c1521d9ff4dc11e3a0b3e40f093a6dd571bf545219196dccb2be60f11a
SSDEEP

3072:g0l8F965JcIytv3XdKNr7ZLjwAYtb8rJ6ekUmLlhdKWSskbzEhrQYNjQz/97:g0lEoJcIYP6twAYtbLzJEbzElzNj+7

Score

N/A

Malware Config

Signatures

Files

7589bb99d8998bf8dfc5dc8e56d7804114fa908a4e110d38ee220dec7237868b
.exe windows x86

6979a54e9370e33c87f46e5a90a98ca6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetModuleFileNameW
InterlockedIncrement
SetUnhandledExceptionFilter
InterlockedDecrement
LocalFree
FileTimeToSystemTime
GetEnvironmentStringsA
lstrcmpiW
DeleteCriticalSection
GetDateFormatW
GetCPInfo
FormatMessageW
IsBadReadPtr
CreateFileW
GetLastError
GetSystemTimeAsFileTime
LocalAlloc
OutputDebugStringA
lstrlenW
GetModuleHandleA
GetStartupInfoA
LocalReAlloc
lstrcpyW
GetLocaleInfoW
WideCharToMultiByte
LoadLibraryW
GetSystemWindowsDirectoryW
SetLastError
OutputDebugStringW
GlobalFree
GetCurrentProcess
FileTimeToLocalFileTime
GlobalAlloc
QueryPerformanceCounter
GetComputerNameW
GlobalUnlock
MultiByteToWideChar
IsValidCodePage
GetProcAddress
WriteFile
GetSystemDefaultLCID
InitializeCriticalSection
CloseHandle
GlobalLock

certcli

CACertTypeSetSecurity
CAGetCAProperty
CAEnumNextCertType
CACreateCertType
CAAddCACertificateType
CARemoveCACertificateType
CACloseCA
CAEnumCertTypesForCA
CACertTypeGetSecurity
CASetCertTypeFlags
CASetCertTypeProperty
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CASetCertTypeExtension
CAGetCertTypeExtensions
CAEnumCertTypes
CAFindByName
CACloseCertType
CAUpdateCertType
CAGetCertTypeFlags
CAUpdateCA
CAFindCertTypeByName
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CAFreeCAProperty

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW

msvcrt

wcscat
_wcsupr
memmove
wcslen
_adjust_fdiv
??3@YAXPAX@Z
?terminate@@YAXXZ
wcsrchr
free
vswprintf
??2@YAPAXI@Z
malloc
__dllonexit
wcscmp
mbstowcs
_initterm
_wcsicmp
wcstoul
wcscpy
wcsstr
wcschr
_except_handler3
_purecall
_onexit
??1type_info@@UAE@XZ
__RTDynamicCast

shell32

ShellExecuteExW
ShellExecuteW

cryptui

CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW
CryptUIDlgViewCertificateW
CryptUIWizExport

crypt32

CertGetCertificateContextProperty
CertCloseStore
CryptDecodeObject
CertGetEnhancedKeyUsage
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCRLContext
CryptEncodeObject
CertGetNameStringW
CertAddCertificateContextToStore
CryptEnumOIDInfo
CertControlStore
CryptQueryObject
CertSaveStore
CertOpenStore
CertFindCRLInStore
CryptFindOIDInfo
CertFreeCertificateContext
CertDuplicateStore
CertEnumSystemStore

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

user32

WinHelpW
LoadStringW
LoadIconW
SetDlgItemTextW
LoadBitmapW
SetCursor
GetDlgItemTextA
GetDlgItem
GetWindowLongW
InsertMenuItemW
RegisterClipboardFormatW
EnableWindow
MessageBoxW
wsprintfW
SendMessageW
GetParent
SetFocus
DialogBoxParamW
PostMessageW
ReleaseDC
LoadCursorW
SendDlgItemMessageW
GetDC
SystemParametersInfoW
EndDialog
LoadImageW
SetWindowLongW
SetWindowTextW

ole32

ReleaseStgMedium
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstanceEx
CoTaskMemAlloc
CoSetProxyBlanket
StringFromCLSID
CoTaskMemFree
GetHGlobalFromStream

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 86KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6979a54e9370e33c87f46e5a90a98ca6

Headers

File Characteristics

Imports

kernel32

certcli

gdi32

msvcrt

shell32

cryptui

crypt32

advapi32

user32

ole32

comctl32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 38KB - Virtual size: 38KB

.mdata Size: 86KB - Virtual size: 2.2MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 38KB - Virtual size: 38KB

.mdata
Size: 86KB - Virtual size: 2.2MB

.rsrc
Size: 4KB - Virtual size: 3KB