aaeb718474966bf19875174ac2d9b1c8243f6b914fb72fe033dceb15a8139393

Sharing

Copy URL Twitter E-mail

General

Target

aaeb718474966bf19875174ac2d9b1c8243f6b914fb72fe033dceb15a8139393
Size

98KB
MD5

0ce501cd054bea43d056c5ccd8b60683
SHA1

8fff20a5248d7909837ac8bda3a1dd10b07bf9a8
SHA256

aaeb718474966bf19875174ac2d9b1c8243f6b914fb72fe033dceb15a8139393
SHA512

d0441d0509eb873cadfaf2680b39af516b550e209a889c47be8f8629b88e87fc545f3e868cc9c2c7f6c11fe979b19b28a73db28b9a3ea613af4866cc38288b38
SSDEEP

1536:2LHDWHdsLFoaU012Vwku7efcn76GTOzp322K6/ZC02o5c:2Hk6LCaUebkuK0ZTiZC02

Score

N/A

Malware Config

Signatures

Files

aaeb718474966bf19875174ac2d9b1c8243f6b914fb72fe033dceb15a8139393
.exe windows x86

5b1d14b82b533d24a248b234c02adcf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
InitializeCriticalSection
GetComputerNameW
OutputDebugStringW
RemoveDirectoryW
FileTimeToSystemTime
IsBadReadPtr
CloseHandle
GetCurrentProcess
SetLastError
IsValidCodePage
lstrcmpiW
GetSystemWindowsDirectoryW
InterlockedDecrement
GlobalUnlock
GetProcessId
lstrcpyW
GetLastError
InterlockedIncrement
lstrlenW
GetStartupInfoA
GetTickCount
GlobalFree
LocalReAlloc
WideCharToMultiByte
CreateFileW
FormatMessageW
GetModuleHandleA
DeleteCriticalSection
GetEnvironmentStringsW
OutputDebugStringA
LoadLibraryW
SetUnhandledExceptionFilter
GetEnvironmentStringsA
FileTimeToLocalFileTime
QueryPerformanceCounter
GlobalAlloc
LocalFree
GlobalLock
GetModuleFileNameW
GetACP
GetSystemTimeAsFileTime

user32

SystemParametersInfoW
ReleaseDC
SetCursor
SetWindowLongW
GetWindowLongW
LoadStringW
LoadCursorW
DialogBoxParamW
LoadImageW
SetDlgItemTextW
LoadIconW
SendMessageW
InsertMenuItemW
SetFocus
EnableWindow
SetWindowTextW
SendDlgItemMessageW
LoadBitmapW
MessageBoxW
GetParent
WinHelpW
EndDialog
GetDlgItem
GetDlgItemTextA
wsprintfW
GetDC
PostMessageW
RegisterClipboardFormatW

msvcrt

_wcsupr
??2@YAPAXI@Z
_initterm
wcscat
_wcsicmp
__dllonexit
_except_handler3
vswprintf
??1type_info@@UAE@XZ
?terminate@@YAXXZ
wcscmp
wcslen
free
wcschr
wcstoul
malloc
wcsstr
memmove
_purecall
wcsrchr
_adjust_fdiv
mbstowcs
??3@YAXPAX@Z
wcscpy
_onexit
__RTDynamicCast

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW

certcli

CASetCertTypeFlags
CAFindCertTypeByName
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CAEnumNextCertType
CAGetCertTypeFlags
CAUpdateCertType
CACloseCertType
CASetCertTypeExtension
CAUpdateCA
CAAddCACertificateType
CAGetCertTypeProperty
CACertTypeGetSecurity
CACertTypeSetSecurity
CAGetCAProperty
CAFreeCAProperty
CAGetCertTypeExtensions
CAFindByName
CACloseCA
CAEnumCertTypesForCA
CAFreeCertTypeProperty
CARemoveCACertificateType
CAEnumCertTypes
CACreateCertType
CAGetCertTypePropertyEx

comctl32

PropertySheetW
CreatePropertySheetPageW

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b1d14b82b533d24a248b234c02adcf4

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

certcli

comctl32

gdi32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 107KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 107KB

.rsrc
Size: 24KB - Virtual size: 24KB