d103e4f0f7abe3d25030fd039c6e0841517454db085c9a1e2a5a3dd6bd18e9ee

Sharing

Copy URL Twitter E-mail

General

Target

d103e4f0f7abe3d25030fd039c6e0841517454db085c9a1e2a5a3dd6bd18e9ee
Size

98KB
MD5

acbd8d5c6e9c9e0ffd22abcbd66c03c4
SHA1

0cc8757c26d650ff68f86978c9ce887bc0bd94f2
SHA256

d103e4f0f7abe3d25030fd039c6e0841517454db085c9a1e2a5a3dd6bd18e9ee
SHA512

49f17ce17a1cce2cbd04893d212f9a4da9d25c37469b4f50c1cb0453573d6f3135ac12f504ad5aeae344697e62219de21d4f7a24c3f63397738caa157df7e6de
SSDEEP

1536:zN1DiqdIKTGyQLNaaVbHHS9TcBkgex+OsPMV5ngBAiNmWQNXx4hvwyibj9CoQCv:R1mwbTG3NVHHZtPFhcx+vri0d

Score

N/A

Malware Config

Signatures

Files

d103e4f0f7abe3d25030fd039c6e0841517454db085c9a1e2a5a3dd6bd18e9ee
.exe windows x86

f0057d4d3a71c3ffe1c141253092bee3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetProcessId
WideCharToMultiByte
SetLastError
GlobalLock
RemoveDirectoryW
GlobalAlloc
IsValidCodePage
FileTimeToLocalFileTime
GetCurrentProcess
OutputDebugStringA
GetModuleHandleA
LocalFree
GetLastError
lstrcmpiW
OutputDebugStringW
QueryPerformanceCounter
lstrlenW
SetUnhandledExceptionFilter
GetModuleFileNameW
GetEnvironmentStringsW
IsBadReadPtr
GetDateFormatW
GetSystemWindowsDirectoryW
GetACP
InterlockedIncrement
GlobalUnlock
GetComputerNameW
lstrcpyW
CreateFileW
InitializeCriticalSection
FormatMessageW
LocalReAlloc
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GlobalFree
GetEnvironmentStringsA
GetTickCount
FileTimeToSystemTime
LoadLibraryW
InterlockedDecrement

user32

SetFocus
SystemParametersInfoW
GetDlgItemTextA
GetDC
PostMessageW
GetWindowLongW
LoadIconW
SendDlgItemMessageW
LoadBitmapW
WinHelpW
EndDialog
DialogBoxParamW
LoadCursorW
wsprintfW
LoadImageW
SetCursor
InsertMenuItemW
SendMessageW
EnableWindow
SetWindowTextW
ReleaseDC
SetDlgItemTextW
GetParent
LoadStringW
RegisterClipboardFormatW
SetWindowLongW
GetDlgItem
MessageBoxW

msvcrt

wcsrchr
_onexit
wcscpy
_initterm
_purecall
_wcsupr
wcscat
??2@YAPAXI@Z
wcsstr
_except_handler3
vswprintf
malloc
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__RTDynamicCast
wcschr
free
wcslen
_adjust_fdiv
wcstoul
mbstowcs
??3@YAXPAX@Z
__dllonexit
wcscmp
_wcsicmp
memmove

certcli

CASetCertTypeKeySpec
CACloseCertType
CAFreeCAProperty
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CAEnumNextCertType
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CASetCertTypeFlags
CACreateCertType
CACertTypeGetSecurity
CAGetCertTypeFlags
CACloseCA
CASetCertTypeProperty
CAFindCertTypeByName
CACertTypeSetSecurity
CAUpdateCA
CARemoveCACertificateType
CAFreeCertTypeProperty
CAEnumCertTypes
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCertTypeExtensions
CAAddCACertificateType
CAUpdateCertType
CAGetCAProperty
CAFindByName

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0057d4d3a71c3ffe1c141253092bee3

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

gdi32

comctl32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 69KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 69KB

.rsrc
Size: 24KB - Virtual size: 23KB