3e63ed1d5773bd181e10b0d13538f11a2e6d049da1e986d30d9d4b612dfe5680

Sharing

Copy URL Twitter E-mail

General

Target

3e63ed1d5773bd181e10b0d13538f11a2e6d049da1e986d30d9d4b612dfe5680
Size

97KB
MD5

6b8942efd4d45e51c2f1e506ab9ecb3b
SHA1

82cd2318c14cd347089339dfc03d1970e50efd3b
SHA256

3e63ed1d5773bd181e10b0d13538f11a2e6d049da1e986d30d9d4b612dfe5680
SHA512

128dafa7bd782fda83f853f672f665e60e86a709db17b8be4040cd72ceee6fe269769e7d96dfdadc7a1be75c30c12245f3d491778efa4ceb77ccb7d610172d89
SSDEEP

1536:rYsdYC7pzXgtczF/rulMBKr0zTnTepkq6A+SwX5ugM3:QC7pzQmzFqixnTeGBSSw

Score

N/A

Malware Config

Signatures

Files

3e63ed1d5773bd181e10b0d13538f11a2e6d049da1e986d30d9d4b612dfe5680
.exe windows x86

e1601aa40c1fff075905275f5075936c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

?terminate@@YAXXZ
wcscpy
wcslen
??2@YAPAXI@Z
_purecall
wcscmp
__dllonexit
__RTDynamicCast
wcschr
_except_handler3
wcsstr
wcscat
_initterm
_wcsupr
_adjust_fdiv
mbstowcs
vswprintf
_onexit
free
wcsrchr
wcstoul
memmove
??1type_info@@UAE@XZ
_wcsicmp
??3@YAXPAX@Z
malloc

certcli

CAFindCertTypeByName
CAEnumCertTypesForCA
CASetCertTypeKeySpec
CARemoveCACertificateType
CAUpdateCertType
CACreateCertType
CAGetCertTypePropertyEx
CAEnumCertTypes
CACertTypeGetSecurity
CAGetCertTypeKeySpec
CAFreeCAProperty
CAGetCertTypeFlags
CAFindByName
CAGetCertTypeExtensions
CAFreeCertTypeProperty
CAGetCAProperty
CAAddCACertificateType
CAUpdateCA
CASetCertTypeFlags
CACloseCertType
CAFreeCertTypeExtensions
CACertTypeSetSecurity
CAEnumNextCertType
CASetCertTypeProperty
CACloseCA
CAGetCertTypeProperty
CASetCertTypeExtension

user32

SetWindowLongW
wsprintfW
SystemParametersInfoW
SetCursor
GetDlgItem
PostMessageW
GetDC
RegisterClipboardFormatW
EndDialog
DialogBoxParamW
LoadCursorW
GetParent
LoadIconW
GetWindowLongW
EnableWindow
SetDlgItemTextW
InsertMenuItemW
SendMessageW
MessageBoxW
SetWindowTextW
LoadStringW
LoadBitmapW
WinHelpW
LoadImageW
GetDlgItemTextA
SetFocus
SendDlgItemMessageW
ReleaseDC

kernel32

lstrcpyW
InitializeCriticalSection
GetACP
GetComputerNameW
GetLastError
GetSystemTimeAsFileTime
OutputDebugStringW
FileTimeToLocalFileTime
FormatMessageW
GlobalLock
CloseHandle
GetSystemWindowsDirectoryW
lstrcmpiW
IsValidCodePage
GetDateFormatW
GetProcAddress
GlobalAlloc
InterlockedDecrement
GetEnvironmentStringsA
LocalFree
QueryPerformanceCounter
SetLastError
IsBadReadPtr
DeleteCriticalSection
GlobalUnlock
FileTimeToSystemTime
GetModuleHandleA
lstrlenW
GetModuleFileNameW
LocalReAlloc
SetUnhandledExceptionFilter
GetTickCount
RemoveDirectoryW
OutputDebugStringA
WideCharToMultiByte
GetCurrentProcess
GetStartupInfoA
InterlockedIncrement
CreateFileW
GlobalFree
LoadLibraryW

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1601aa40c1fff075905275f5075936c

Headers

File Characteristics

Imports

msvcrt

certcli

user32

kernel32

advapi32

gdi32

comctl32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 72KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 72KB

.rsrc
Size: 23KB - Virtual size: 22KB