3a6ba1b10f5ec44a8efe83e4442acb12d3b53779d6232dbde63c78f7d2e7cb5a

Sharing

Copy URL Twitter E-mail

General

Target

3a6ba1b10f5ec44a8efe83e4442acb12d3b53779d6232dbde63c78f7d2e7cb5a
Size

363KB
MD5

1753e46e56ca5f595f6b911100a456a0
SHA1

904850e3752d79c2fcef6171d5f504829f473a28
SHA256

3a6ba1b10f5ec44a8efe83e4442acb12d3b53779d6232dbde63c78f7d2e7cb5a
SHA512

962d028c0bba8189f921a33ae46dabef500773dcf7fc8b666886d04d1d9193eb5f7a192a1976373aa6f625ddfc86ee9da696ac57fa19f3735bc0be8aa104c56a
SSDEEP

6144:kKZrBVVIRsabLLF/TMjGYYQfQNUOp24bP++vW7wkg7wVy40WWpbgcBDS47:BZrBVViVrFICQ0UOp2q67Fg7waWWd

Score

N/A

Malware Config

Signatures

Files

3a6ba1b10f5ec44a8efe83e4442acb12d3b53779d6232dbde63c78f7d2e7cb5a
.exe windows x86

69c7ddd921f4ebe6df9f693b6eedb6ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

CryptUIStartCertMgr
LocalEnrollNoDS
DllUnregisterServer
WizardFree
CryptUIDlgCertMgr
CryptUIDlgSelectStoreA
CryptUIWizCertRequest
CryptUIDlgSelectCertificateA
CryptUIWizExport
I_CryptUIProtect
CryptUIDlgFreeCAContext
CryptUIDlgSelectCertificateFromStore
CryptUIWizSubmitCertRequestNoDS
CryptUIWizDigitalSign
CryptUIGetViewSignaturesPagesA
CryptUIDlgSelectCA
ACUIProviderInvokeUI
EnrollmentCOMObjectFactory_getInstance
CryptUIWizFreeDigitalSignContext
LocalEnroll
CryptUIDlgViewSignerInfoA
DllRegisterServer
CryptUIDlgViewCTLA
CryptUIWizCreateCertRequestNoDS
CryptUIDlgViewCRLA
CryptUIFreeCertificatePropertiesPagesA
I_CryptUIProtectFailure
CryptUIWizImport
CryptUIGetCertificatePropertiesPagesA
CryptUIDlgViewContext
CryptUIDlgViewCertificatePropertiesA
CryptUIFreeViewSignaturesPagesA
CryptUIWizQueryCertRequestNoDS
CryptUIWizBuildCTL
CryptUIWizFreeCertRequestNoDS
CryptUIDlgViewCertificateA
RetrievePKCS7FromCA

advpack

TranslateInfString
LaunchINFSection
FileSaveRestoreOnINF
RegSaveRestoreOnINF
DelNodeRunDLL32
RegInstall
UserUnInstStubWrapper
GetVersionFromFile
RegSaveRestore
GetVersionFromFileEx
SetPerUserSecValues
LaunchINFSectionEx
ExecuteCab
RegRestoreAll
RegisterOCX
FileSaveRestore
CloseINFEngine
RebootCheckOnInstall
FileSaveMarkNotExist
DelNode
NeedRebootInit
OpenINFEngine
ExtractFiles
AddDelBackupEntry
IsNTAdmin
TranslateInfStringEx
UserInstStubWrapper
DoInfInstall
AdvInstallFile
RunSetupCommand
NeedReboot

user32

ScreenToClient
EnableMenuItem
GetMenu
DrawTextA
MessageBoxA
TrackPopupMenuEx
GetSysColorBrush
GetDlgItem
GetDlgCtrlID
CheckDlgButton
EnableWindow
SetProcessDefaultLayout
SetWindowLongA
SetMenu
CreateWindowExA
CheckMenuRadioItem
SendMessageA
OffsetRect
SetWindowPos
LoadIconA
DispatchMessageA
SetDlgItemInt
DestroyMenu
GetSubMenu
DestroyWindow
CheckRadioButton
LoadMenuA
SetFocus
BeginPaint
LoadAcceleratorsA
GetWindowRect
SystemParametersInfoA
DefWindowProcA
CloseClipboard
PostQuitMessage
SetDlgItemTextA
GetClientRect
LoadCursorA
HideCaret
UpdateWindow
MapWindowPoints
SetCursor
InvalidateRect
TranslateAcceleratorA
GetDesktopWindow
IsChild
GetMessageA
EndPaint
OpenClipboard
GetWindowLongA
IsClipboardFormatAvailable
GetProcessDefaultLayout
IsDialogMessageA
GetWindowTextA
GetSysColor
RegisterClassExA
GetClipboardData
CharNextA
ChildWindowFromPoint
LoadStringA
MessageBeep
SetWindowTextA
CallWindowProcA
DialogBoxParamA
EndDialog
WinHelpA
CheckMenuItem
CreateDialogParamA
TranslateMessage
ShowWindow

kernel32

DeleteFileA
GetFileAttributesA
GetProcessHeaps
lstrcpynA
CreateFileA
VirtualAlloc
lstrlenA
GetSystemTimeAdjustment
GetProcessHeap
CompareStringA
lstrcatA
FileTimeToSystemTime
GetFileTime
GetModuleHandleA
FileTimeToLocalFileTime
GetLocalTime
GetSystemTimeAsFileTime
GetSystemTimes
TransactNamedPipe
SystemTimeToFileTime
ReadFileScatter
lstrcpyA
GetNamedPipeHandleStateA
HeapSize
GetFirmwareEnvironmentVariableA
SetFilePointerEx
ReadFile
PeekNamedPipe
ExpandEnvironmentStringsA
lstrcmpiA
CloseHandle
GetEnvironmentStringsA
SetFirmwareEnvironmentVariableA
InterlockedIncrement
GetEnvironmentVariableA
CallNamedPipeA
InterlockedExchangeAdd
IsBadStringPtrA
WriteFileGather
FileTimeToDosDateTime
lstrcmpA
ReadFileEx
HeapAlloc
SetFilePointer
WriteFile
GetStringTypeExA
InterlockedFlushSList
DisconnectNamedPipe
DosDateTimeToFileTime
WriteFileEx
SetEnvironmentVariableA
GetFileAttributesExA
InterlockedDecrement
GetNamedPipeInfo
FreeEnvironmentStringsA
InterlockedPushEntrySList
WaitNamedPipeA
GetSystemTime
VirtualFree
InterlockedCompareExchange
GetStringTypeA
ConnectNamedPipe
InterlockedPopEntrySList
SetNamedPipeHandleState
InterlockedExchange

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69c7ddd921f4ebe6df9f693b6eedb6ad

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

advpack

user32

kernel32

Sections

.text Size: 274KB - Virtual size: 274KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 76KB - Virtual size: 724KB

.text
Size: 274KB - Virtual size: 274KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 76KB - Virtual size: 724KB